IT Security Risk Coordinator

Our expectations:

• 2+ years of hands-on experience in information security or IT risk operations.

• Knowledge on ISO 27001 Information Security Framework.

• Familiarity with risk frameworks such as, ISO 27005, NIST RMF, or similar.

• Experience using GRC tools or risk tracking systems.

• Degree in Information Security, Computer Science, or a related field is a plus.

• Detail-oriented, organized, and comfortable working with structured data.

• Strong communication skills and ability to collaborate with technical and non-technical stakeholders.

• Willingness to travel occasionally.

• Strong communication skills at all management levels.

• Proficiency in English at a business level.

Key tasks:

• Operate and maintain the Information Security Risk Register, ensuring timely updates and accuracy.

• Coordinate and support risk assessments across IT functions.

• Support the implementation of mitigation plans and track remediation progress.

• Prepare and distribute regular risk reports and dashboards for internal stakeholders.

• Assist in applying the IS Risk Management Framework and ensure alignment with governance policies.

• Work closely with internal teams, including technical teams and local management, to gather risk-related data and conduct thorough risk assessments. This includes analyzing and evaluating the severity, potential impact of risks and providing crucial input for risk treatment decisions, all while ensuring compliance with internal controls.

• Operate under the Information Security Office, cooperate closely with Information Security Coordinators and IT Asset Owners.

• Support audits and compliance checks by providing risk documentation and evidence.

• Promote risk awareness and contribute to a culture of continuous improvement in security operations