INFOSEC, GRC AND VULNERABILITIES
Securing your company data – as well as assessing ongoing risks, vulnerabilities and having processes in place to deal with a potential data breach – is essential if day-to-day operations are to run smoothly. This is where your InfoSec team comes in, and why there is such a huge demand for exceptional InfoSec, GRC and various forms of vulnerability & penetration testing professionals across industry sectors. In line with this demand, the variety of InfoSec jobs continues to grow.
We Source & Select Top InfoSec Talent
We deliver top-tier InfoSec talent to help you create and implement the essential policy and procedure needed to protect and effectively govern your organisation’s data. With end-to-end coverage of recruitment services across the entire information security office, we source experts ranging from Information Security officers, GRC consultants, Penetration Testers and vulnerability management experts through to exceptional CIO/CISO leaders.
Xcede identify top InfoSec experts for businesses of every size across the globe, from innovative start-ups to leading cyber vendors and major household names.
XCEDE’S INFORMATION SECURITY JOBS
We recruit at all levels across a broad range of InfoSec jobs around the world including: Cybersecurity Consultant; Security Analyst; Head of IT Security; Heads of Vulnerability Management; Penetration Testers; Security Assurance Consultant; Head of Information Security and many more.
To discuss how Xcede can help you find an exceptional InfoSec specialist to add to your team, contact us today. Looking for a new InfoSec job? Explore our current opportunities below.
LATEST CYBER JOBS
Xcede are partnered with a leading manufacturer of medical devices in Germany and we are helping them to source an Information Security Officer (ISO) to play a crucial role in overseeing information security matters within a Cloud environment. Your responsibilities include ensuring the ISO27001-compliant operation of the management system, fostering information security awareness within the organization, and serving as a key point of contact for managers and project teams regarding security issues. Additionally, you will provide guidance and support to managers, backed by senior management, in implementing essential information security frameworks.
What we are looking for:
- Hold a degree in Information Technology, Computer Science, or a related field
- Possess excellent communication skills, a professional demeanor, and expertise in moderation, organization, and motivation
- Demonstrate strong analytical thinking and proactive problem-solving abilities
- Exhibit a strong sense of duty and a willingness to take on responsibilities
- Think strategically and economically with an entrepreneurial mindset
- Fluent in English and German
- Have experience with relevant standards, particularly ISO 27001
- Skilled in planning and conducting audits
- Bring theoretical knowledge and practical experience in information security management within an agile environment
- Experienced and knowledgeable in cloud security processes and procedures, with practical experience working with at least one hyperscaler (Google Cloud, AWS, Azure; e.g., as an Azure developer)
- Holding cybersecurity certifications is a plus
- Assumption of responsibility or project management in large projects
- Leadership in the strategic development of consulting products in the area of IT compliance, risk & security
- Technical & procedural advice on the mapping of existing and new regulatory IT requirements, in the financial or insurance industry
- Partnering with customers throughout the entire audit cycle: from assessments to the examination office to program management to increase compliance
- Development of innovative new approaches for intelligent risk management in information processing and for the integration of compliance, risk & security
- At least 6 years of professional experience in IT consulting in the regulated environment of the financial or insurance industry
- Knowledge of the regulatory requirements for IT in the core industries e.g. BAIT, VAIT, DORA, IT-SiG
- Several years of project management experience
- Ideally experience in the selection and implementation of IT solutions
- Fluency in German and English
I am partnered with a Global organisation with HQ in Hamburg who are looking for a leader in Information Security Management Systems (ISMS) and compliance for cloud environments, including AWS and Azure, as well as software development processes.
The responsibilities of the role can be seen below:
- Develop and implement a Governance, Risk, and Compliance (GRC) strategy for cloud services and agile software development.
- Collaborate with architects to define security controls and processes, ensuring compliance and trust in the cloud environment and DevOps processes.
- Support the creation of an efficient, automated ISMS and DevSecOps process, fostering compliant standard solutions.
- Identify external/regulatory requirements and work with business, Data Protection Officers, and Legal to translate them into ISMS policies and controls.
- Manage compliance with external requirements and industry standards such as ISO 27001, TISAX, SOC2.
- Educate and empower architects and developers on Information & Cyber Security Risks, regulations, and compliance.
- Collaborate across CISO, IT, and Business departments to ensure organization-wide compliance and effective risk management.
- Stay abreast of the latest information and cyber security trends and threats, providing recommendations for improvement.
- Establish and maintain relationships with auditors, vendors, and industry experts for compliance and continuous improvement.
- Manage information security policy violations with the support of ISMS and IS risk specialists.
- Extensive experience in information & cyber security GRC or architecture roles.
- Strong knowledge of information security principles, frameworks, and best practices.
- Familiarity with current cloud architectures, security, and AWS/Azure solutions.
- Understanding of microservices, serverless architectures, and containerization technologies.
- Experience with agile development frameworks (SAFe, KANBAN, SCRUM) and project management.
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication, presentation, and training abilities for both technical and non-technical stakeholders.
- Familiarity with regulatory requirements and industry standards related to information security and data privacy.
- Collaborative mindset with experience working across Legal, DPO, Risk & Control, Audit, and Procurement teams.
- Experience in large international organizations and handling enterprise-level projects.
- Certifications such as CISSP, CISA, CRISC, IT/Security Vendor Certifications, ISO27001 Lead Auditor, or similar are a bonus.
- Fluency in written and spoken English.
Lots of benefits included within this company which I would be happy to share upon request. Please submit your application and I will get in touch to discuss further.