Governance, Risk and Compliance Expert at Collaboration Betters The World GmbH

, , -

Full Time

Start Date

Immediate

Expiry Date

12 May, 26

Salary

0.0

Posted On

11 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Governance, Risk Management, Compliance, Cybersecurity, Information Security, ISO 27001, ISO 27005, NIST, GDPR, Incident Management, Training, Analytical Skills, EBIOS RM, Policy Development, Security Standards, Best Practices

Industry

IT Services and IT Consulting

Description

Overview Who are we? Collaboration Betters The World (CBTW), is a company providing tech et business solutions to its clients, through the expertise of its 9 service lines.As a Governance, Risk and Compliance (GCR) Expert, you will join our Cybersecurity service line, where we are combining proactive and reactive strategies, we protect businesses against evolving cybersecurity threats, ensuring regulatory compliance and fortifying digital assets. Responsibilities What is your role? You will be part of a journey where you will have two impacts: a client impact and an internal impact. For the internal impact, based on your skills and time, you will be joining our internal security community at CBTW, to share knowledge and best practices. For the client impact, tasks can vary depending on the client and the project, but as a GCR Expert, you will mainly : Strategy and Governance: Help define information security strategy and scope Organize, frame, and manage security projects Implement an Information Security Management System (ISMS) Contribute to defining/revising policies and procedures (ISSP, SCS, incident response) Risk Management: Analyze and map risks (ISO 27005, EBIOS RM) Identify, evaluate, and monitor operational, compliance, and security risks Implement security performance indicators (KPIs) Compliance and Regulation: Ensure compliance with cybersecurity and data protection regulations (NIST, NIS2, DORA, GDPR) Evaluate information security posture Conduct internal audits Incident Management: Coordinate security incident response Monitor remediation plans (following incidents, audits) Implement corrective measures Training and Awareness: Provide training and raise employee awareness about GRC policies Promote security standards and best practices Qualifications You Hold a bachelor's or Master's degree in Cybersecurity, Information Security, or equivalent Have a minimum 5 years of experience in similar roles Speak French and English fluently Are certified ISO 27001 LI & LA (obtained or in progress) or ISO 27005 RM. Any CISM, CISP, CRISC, or CISA certifications are a plus. Master ISO 2700X standards (ISO 27001, ISO 27002, ISO 27005) Have knowledge of regulations like NIS2 EU, DORA, GDPR Have strong knowledge of functional cybersecurity and risk management Have advanced analytical skills Have knowledge ofEBIOS RM methodology Will be an outstanding candidate if you share our values: Positive Thinking, Collaboration, Evolution & Commitment. What are we offering? Evolution Personal follow-up during your career at CBTW Catalogue with a wide variety of trainings for hard- and soft skills, private language classes, unlimited access to an E-learning platform (Udemy, O'reilly ,…) and possibility to get certified every year. Collaboration On top of the security community , you can j oin one of the passion communities and practice your hobby or share your interests with other positive thinkers International collaboration, possibility to work worldwide On Top Of That Competitive salary with a flexible mobility package (variety of choice between e lectric cars, electric bikes, payment of rent/mortgage...) You will become part of a growing team of people keen on applying the latest technologies and knowledge. You will be able to work in a dynamic, innovative environment. Do you see a match? We would love to see your application coming in! 😉

Responsibilities

As a GCR Expert, you will help define information security strategy, manage security projects, and ensure compliance with regulations. You will also analyze risks, coordinate incident response, and provide training to raise employee awareness about GRC policies.