GRC Analyst

As an Information Security Officer (for GRC and Awareness) at our company, your role will involve ensuring effective implementation and continuous adherence to policies and procedures. You will be responsible for maintaining and enhancing Governance, Risk, and Compliance (GRC) programs to align with legal, regulatory, and contractual requirements. Regular evaluation and enhancement of information security controls to address evolving business and threat landscapes will be a key part of your responsibilities. Additionally, you will lead information security training and awareness programs to strengthen the organizational security culture, collaborate with IT and other departments to integrate security measures into all business processes, and conduct third party risk assessments. Key Responsibilities: - Ensure effective implementation and continuous adherence to policies and procedures - Maintain and improve Governance, Risk, and Compliance (GRC) programs - Regularly evaluate and enhance information security controls - Lead information security training and awareness programs - Facilitate collaboration with IT and other departments - Coordinate asset management, Business Impact Assessments, and risk assessments - Provide up-to-date security reports to the CISO and stakeholders - Conduct third party risk assessments Key Tasks: - Review and update security policies and procedures - Focus on refining the GRC framework for operational efficiency and compliance - Plan, coordinate, and follow-up on risk activities - Develop and deliver engaging security training sessions - Conduct third party security review on suppliers - Work as a liaison for integrating security practices - Compile and communicate security performance reports - Plan, coordinate, and follow-up on security projects Qualifications Required: - Bachelor's degree or higher in Information Security, Computer Science, or a related field - 5 years of experience in information security management or Cyber risk governance - Relevant security certifications (CISSP, CRISC, etc.) - Project leadership and strong communication skills - Strong proficiency in English, both written and verbal - Experience working with security frameworks and standards like CIS18, ISO27001 - Experience in developing and conducting security training programs is an advantage If you are passionate about security and eager to contribute to a high-performing team, we invite you to apply now with your CV and cover letter in English. Join our diverse team and be part of a global family with over almost 7,000 colleagues around the world. Experience a dynamic work environment that emphasizes work-life balance and offers opportunities for professional growth. Shape a brighter future with sustainable coating solutions at Hempel. Apply now and be inspired by a company that cares about its employees" professional development and values diversity in the workplace.,