IT Security Governance, Risk, and Assurance
We believe that we make a difference every day. To do that, we need committed and engaged employees. Our people are accountable for delivering world-class service and they are passionate about making the world a safer and more secure place. Our teams operate with integrity and respect for one another fueled by an entrepreneurial spirit.
What we look for
An effective communicator, you are a confident team player with a genuine passion for making things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.
Job purpose
Reporting to the Cyber & IT Risk Team Lead, your role will be focused on identifying, assessing, and mitigating risks related to cybersecurity, IT systems, and business processes. Your role will also support the implementation of our organization’s strategies around Cyber & IT controls by maintaining and developing new ways of doing things and creating cross-functional business relationships within Technology and other business units.
The position is expected to work with internal stakeholders and take a supportive role in analysing key risks, establishing regular dialogue between risk and control owners to identify areas for improvement and develop strategies to enhance security of IT and business processes.
Main Responsibilities
- Manage and mature the Information Security & IT risk control framework to enable effective operation and monitoring of controls.
- Document and report control failures and gaps to stakeholders. Provide remediation guidance and occasionally drive projects to ensure deployment of mitigation actions.
- Develop security policies, standards, and procedures to drive standardization and centralization of control activities.
- Perform risk assessment activities across the organization, identify potential risks within IT and business processes, and recommend risk mitigation strategies and controls.
- Ensure risks and remediation plans are regularly addressed and implemented by risk and control owners.
- Support activities to maintain compliance with relevant regulations and standards (e.g., ISO27001, NIST, GDPR).
- Audit and document processes and prepare reports summarizing findings and insights for management and stakeholders.
Required Qualifications
Minimum Qualifications
- Bachelor’s degree within a relevant field and at least 3 years of direct experience within Information Security & IT risk and compliance.
- Experience working in GRC departments and direct experience working in:
- Defining, creating, and executing of an Information Security & IT risk control framework, not only internally but also for third-party and partners. It is key also have experienced in documenting security procedures, policies, and standards.
- Performing information Information Security & IT assessments and conducting compliance and maturity assessments using international standards and best practices from various industries.
- Ensuring that all risks, vulnerabilities, and non-conformities are actively managed, monitored, documented, and mitigated if possible.
- Defining and tracking KPIs/KRIs and generating reporting adapted for different levels and stakeholders.
- Performing Information Security & IT controls audits and executing remediation plans not only internally but also third party and partners.
- Work experience in a professional environment preferred, including:
- Demonstrated planning and problem-solving skills and ability to analyze complex technical issues.
- Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2, NIST, GDPR, COBIT, ITIL, etc.).
- Ability to build professional relationships and collaborate effectively with peers and stakeholders.
- Experience organizing and carrying out risk assessments and compliance projects.
- Fluent written and verbal communication skills in English.
- Travel availability.
Preferred qualifications
- Relevant security certifications: CISSP, CRISC, CISM, CISA, Security+, ISO 27001
- Proficient with MS Office, project management, and at least one GRC tool (recommended).
- Familiarity with auditing, monitoring, controlling, and process assessment.
Top Skills
What We Do
Verisure is the leading provider of peace of mind and protection to residential and small business customers across Europe and Latin America. We deliver professionally-monitored security services to over 5.5 million customers in 17 countries across Europe and Latin America, with a team of more than 28,000 colleagues.
Verisure’s brand family includes: Securitas Direct in Spain and Portugal (*), AlertAlarm, Dansikring Direct, Falck Alarms, Mediaveil, TeleAtlantic and NorAlarm to name a few!
Our alarms are the most widely installed home security systems in Europe. A strong focus on quality and service means our customers are among the most satisfied in the industry!
GROWTH
Verisure enjoyed consistent growth over the past 35 years as a result of its highly entrepreneurial and innovative approach to business. We also continue to expand internationally.
- Strong and visionary Management Team and a robust business plan for value creation.
- We are a big company with a start-up mindset, fast, agile and lean, merit based, high-performance and value-driven
INNOVATION
- We continuously invest more in new innovation to provide effective, intelligent and reliable security solutions.
- Offer a breakthrough product & service proposition: identify, research, develop, test & refine advanced security solutions.
- Develop exclusive hardware and software features.
- Research & Development centers in Madrid and Malmö.
- +600 R&D and IT experts… and growing!
PEOPLE
Our successful growth is dependent on our talent pipeline. Our People are our business! We are:
- Passionate in everything we do
- Committed to making a difference
- Always Innovating
- Winning as a Team
- With Trust & Responsibility
 (1).png)
