Senior Information Security and GRC Specialist at Yora

Gothenburg, , Sweden -

Full Time

Start Date

Immediate

Expiry Date

16 Jun, 26

Salary

0.0

Posted On

18 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Information Security, GRC, ISMS, Supplier Security, Regulatory Frameworks, NIS2, ISO 27001, Governance, Risk Management, Compliance, Cyber Security, Third Party Risk Management, Strategy, Operations

Industry

Construction

Description

We are looking for a senior information security professional to strengthen and operationalize security in an environment where both business needs and regulatory requirements are rapidly increasing. This role is suited for someone who combines strong strategic understanding with the ability to execute, structure and drive security work in practice. About the role You will work closely with the person responsible for cyber security and play a key role in developing and operationalizing the organization’s security work. The organization is relatively small, which means you will have a broad scope and real impact, from governance and structure to hands-on implementation. What you will do Continue developing and improving the organization’s ISMS after initial implementation Establish and enhance processes related to supplier security Ensure that security requirements towards external vendors are defined and followed up Work with compliance related to NIS2 and similar regulatory frameworks Support implementation and follow-up of ISO 27001 controls Drive dialogues with external suppliers regarding security requirements Document policies, processes and ways of working Contribute operationally to security activities when needed We are looking for someone who has Several years of experience within cyber security or information security Hands-on experience working with ISMS Experience with ISO 27001, both implementation and control frameworks Experience working with regulatory requirements such as NIS2 or similar Experience within supplier security or third party risk management Strong understanding of governance, risk and compliance Ability to work both strategically and operationally Experience working with larger suppliers or partners Fluency in Swedish and English is required Who you are Self-driven and confident in your expertise Pragmatic and solution-oriented Prestige-free and comfortable working hands-on Structured and process-driven Strong communicator with the ability to collaborate across stakeholders About YORA YORA is a tech hub where we bring together specialists within AI, cloud, cyber security and advanced software engineering. We work closely with our clients in environments where quality, security and delivery capability are critical. With us, you will work on assignments where your expertise creates real impact, both technically and from a business perspective.

Responsibilities

The specialist will be responsible for developing and operationalizing the organization's security work, focusing on enhancing the ISMS after initial implementation and establishing supplier security processes. This includes defining and following up on security requirements for external vendors and supporting compliance with regulatory frameworks.