Senior IT Governance Specialist - 14322

Om jobbet

Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit. With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.

Assignment Description:

We are looking for a Senior IT Governance Specialist to join our dynamic team.

What you will work on:

Lead and support global IT security governance and compliance initiatives, with emphasis on US regulatory requirements.

Oversee adherence to GDPR, ISO 27001, SOC 2, CCPA, HIPAA, and related security frameworks.

Conduct audits and risk assessments, including internal/external audits, customer assessments, and remediation follow-up.

Manage and improve network and endpoint security processes, including firewalls, patch management, and vulnerability scanning.

Drive Identity & Access Management activities, including AD/Azure AD, MFA, RBAC, and access reviews.

Handle incident response activities such as investigation, containment, documentation, and post-incident improvement.

Lead security awareness initiatives, including phishing simulations, training, and global education programs.

Serve as a security liaison across IT, DevOps, HR, Finance, and senior leadership.

What you bring:

Strong background in IT security governance and compliance frameworks (GDPR, ISO 27001, SOC 2, CCPA, HIPAA, or similar).

Practical experience with Microsoft Defender, Intune, and M365 Security Center (Sentinel/SIEM is a plus).

Experience conducting audits, risk assessments, and remediation planning.

Solid understanding of network and endpoint security best practices.

Strong Identity & Access Management expertise with AD, Azure AD, MFA, and RBAC.

Hands-on experience with incident response and related processes.

Experience delivering global security awareness and training activities.

Excellent communication and stakeholder management skills.

Ability to work independently in a global environment and fully align with EST/GMT-5 working hours.

Security certifications such as CISSP, CISM, or ISO 27001 Lead Auditor (meriting).

Experience with DevSecOps or secure SDLC (meriting).

Experience working in international organisations (meriting)