Head of Information Security and GRC

Tasks

• Act as product BISO
• Assess product security risks and threats
• Coordinate internal and external audits
• Define and implement construction software security program
• Develop and maintain ISMS
• Ensure compliance with legal and regulatory requirements
• Implement security policies and procedures
• Integrate security measures into business processes
• Lead information security and GRC team
• Manage information and product security projects
• Own and maintain SOC2 certification
• Report security incidents and measures to management
• Support ISO27001 certification
• Support implementation of audit findings
• Translate regulatory and legal requirements into actionable controls

Perks/Benefits

• E Bikes
• Flexible work arrangements
• Hybrid work
• On-site daycare
• Parking
• Relocation support

Skills/Tech-stack

AI Security | Application Security | Cloud Security | Data Security | DevSecOps | Endpoint Security | Governance Risk | Governance risk compliance | IAM | ISMS | ISO27001 | Incident Response | Information security | NIST | Risk Management | Risk compliance | SDLC | SOC2 | Security Architecture | Security Frameworks | Security policies | Security procedures