Om jobbet
About the CompanyAvaron AB is a growing consultancy focused on technology, finance, and business support. We match your expertise with the market's most interesting assignments, offering a platform where your professional development is central.
About the Assignment
In this role, you will strengthen and evolve a global cyber security Governance, Risk and Compliance (GRC) capability. You will help ensure a robust, scalable security posture aligned with business objectives by developing governance structures, managing cyber and technology risks, and driving compliance with relevant laws, standards, and regulatory requirements.
You will work closely with multiple internal functions and external stakeholders to continuously improve services, processes, and controls-while acting as a clear and visible advocate for cyber security across the organization.
Job DescriptionContribute to the development and continuous improvement of cyber security GRC frameworks
Ensure governance structures and steering documents are accessible, understood, and adopted across the organization
Conduct and oversee cyber risk assessments at enterprise and operational levels
Maintain and regularly update central risk registers to enable risk-informed decision-making
Develop audit and control testing schedules and evaluate compliance levels and control effectiveness
Drive continuous improvement by identifying and implementing more effective and efficient controls and processes
Collaborate with internal teams and external stakeholders, including third-party vendors, to manage cyber security risks and ensure alignment with internal standards and contractual obligations
Act as a cyber security ambassador by making complex topics understandable and actionable for employees
RequirementsTypically, 5+ years in cyber security in a global enterprise
Typically, 3+ years in governance, risk management and compliance
Relevant education within GRC and/or information and cyber security (e.g., university degree, higher vocational education) or equivalent work experience
Good knowledge of regulatory compliance, preferably in a global market context
Good knowledge of cyber security best practices, standards and maturity models (e.g. ISO 27001, ISO 31000, ISO 22301, NIST CSF, C2M2)
Proven track record in risk management and reporting for global enterprises
Experience designing, implementing and governing cyber security frameworks
Experience working with auditors and QSAs in security assessments and certification processes
Strong communication and collaboration skills in English
Experience driving security awareness activities and building security culture
Proven change management skills
Nice to haveCISM, CISSP, CCISO or equivalent certification in information and cyber security
ISO 27001 certification (e.g. Lead Implementor or Lead Auditor)
Application
Selections are made on an ongoing basis, so we recommend that you apply as soon as possible.
Avaron AB
FöretagAvaron AB
