Job offer: Governance, Risk and Compliance Specialist

Our client specializing in the legal sector is looking to recruit a GRC Specialist to join their team.

Responsibilities:

• Develop, implement, and maintain ISO management systems and ensure compliance with ISO standards (e.g., ISO 27001, ISO 9001) through regular audits and reporting.
• Prepare ISO compliance reports for senior management and relevant committees.
• Establish, maintain, and audit cybersecurity frameworks (e.g., NIST, GDPR), with ongoing monitoring of policies and practices.
• Create cybersecurity compliance reports, including remediation guidance, for senior management.
• Develop and enforce governance frameworks and policies that align with ISO standards.
• Present governance reports and collaborate with stakeholders on compliance issue resolution.
• Identify and assess risks, implement mitigation strategies, maintain risk registers, and provide guidance on risk management practices.
• Prepare and present risk management reports to senior management, serving as Risk Officer for legal entities as needed.
• Support supplier onboarding by conducting risk assessments.
• Conduct ISO and GRC compliance training sessions and create educational resources for ongoing awareness.
• Promote a risk-aware culture within the firm through guidance and support on GRC-related matters.
• Work with internal and external stakeholders to maintain compliance with regulatory requirements and industry best practices.

• Minimum of 3-5 years of experience in risk management or IT audit, ideally in a GRC capacity or comparable experience with a regulated entity
• Strong knowledge of relevant regulatory requirements, DORA, industry standards, and best practices.
• Solid experience in conducting risk assessments, developing controls, and monitoring effectiveness of controls.
• Proficiency in using GRC software and tools.
• Excellent analytical and problem-solving skills.
• Fluency in written and spoken English

• Bachelor’s degree in Business Administration, Information Technology, Cybersecurity, Law, or a related field.
• Relevant certifications such as CISM, CRISC, CISA, CISSP, or similar.

• Health insurance
• Hybrid
• Parking benefits
• Discounts across various shops
• Car cash allowance