Security

Senior Security Expert

Defending critical data and driving cybersecurity excellence in the insurance sector. Is this a challenge for you?

As the Senior Security Expert, you will define and implement our information security strategy to ensure the resilience, confidentiality, and compliance of our IT systems and data. You will oversee adherence to industry standards and regulatory requirements such as ISO 27001, NIS2, GDPR, and CyberFundamentals (CyFun), while maintaining independent security governance in line with best practices.

Reporting to the Chief Information Security Officer (CISO) with a direct line to executive management, you will lead the Security Program and collaborate closely with IT Architecture, Compliance, Operations, and business units to strengthen cybersecurity maturity and risk management capabilities.

You will also represent the company in discussions with regulatory authorities and industry stakeholders, ensuring alignment with evolving insurance cybersecurity regulations and standards.


Role

Security Governance & Compliance

  • Lead ISO 27001 certification and maintain continuous compliance
  • Ensure NIS2 compliance in alignment with regulatory requirements
  • Embed security practices across IT operations and business processes
  • Align security requirements with enterprise architecture and business objectives
  • Collaborate with Compliance to ensure controls meet legal, regulatory, and insurance sector requirements

Risk Management & Security Operations

  • Conduct risk assessments of IT systems, applications, and networks
  • Consolidate departmental risk analyses to maintain organization-wide security posture
  • Implement mitigation measures for identified risks and vulnerabilities
  • Prioritize security risks while balancing business priorities
  • Oversee incident response, monitoring, and SOC operations
  • Ensure resilience of critical insurance systems and customer data

Compliance & Certification

  • Achieve and maintain ISO 27001:2022 certification
  • Lead efforts to achieve full NIS2 compliance
  • Implement continuous monitoring and auditing of security practices

Security Awareness & Culture

  • Foster a culture of cybersecurity across the organization
  • Develop and deliver security awareness training for employees and stakeholders
  • Serve as a trusted advisor to management on emerging threats and best practices


Profile

  • Minimum 7 years of experience in information security, cybersecurity governance, or risk management
  • Strong knowledge of ISO 27001, NIS2, GDPR, CyFun, and cybersecurity best practices
  • Experience with network security, cloud security, and IT risk management
  • Familiarity with SOC, SIEM, incident response, and security monitoring tools
  • Experience with audits, regulatory authorities, and security compliance in a financial or insurance context
  • Ability to write clear and actionable security requirements for technical and business teams
  • Strong understanding of Identity and Access Management (IAM)

Offer


Benefits
  • 3 days of remote work
At Sander, we treat every application in the strictest confidence!