Senior Manager IT Security (Governance Risk Compliance)

To join our team in Budapest, we are looking for a 

Senior Manager IT Security (Governance Risk Compliance)

YOU will be involved in the following tasks:

• As the Senior Manager, IT Security,  Governance Risk & Compliance (GRC), you will establish and maintain all aspects of comprehensive IT risk management, governance and compliance strategies, and driving certifications such as ISO 27001. You will  manage a small global team of experienced GRC professionals. The ideal candidate will have a strong risk management and information technology background and solid experience in compliance management and regulatory requirements.

• Develop, implement, and manage a comprehensive Information Security compliance, governance and risk management program aligned with the organization's business objectives and regulatory requirements.
• Identify, assess, and prioritize cybersecurity risks across the organization and collaborate with stakeholders to develop risk mitigation strategies and action plans
• Oversee and mature the 3rd party risk management outsourced service via the Managed Service Provider (MSP).
• Build and maintain a robust Information Security Management System (ISMS ) and conduct regular ISMS self-audits and risk assessments 
• Build-out of GRC platform and capabilities to automate and continuously monitor information security controls mapping and attestation for tracking of risk and compliance
• Ensure compliance with relevant regulations and cybersecurity frameworks such as NIST CSF, ISO 27001, NIS2.
• Monitor and report on the effectiveness of risk management efforts and controls.
• Monitor and report on compliance metrics and key performance indicators (KPIs) to senior management

What YOU will bring to the team:

• Strong experience with IT Governance, Risk and Compliance for controls and policies, advanced IT risk assessment and exception management
• Proven experience of successfully leading and achieving certifications such as ISO 27001
• Experience with Governance, Risk and Compliance (GRC) tooling such as ServiceNow GRC, Workiva or others
• Strong experience in developing and maintaining a mature risk management program and risk register
• Extensive knowledge with risk framework mapping and controls development
• Proficiency in maintaining and maturing third party IT risk management program
• Demonstrated expertise and leadership in compliance and risk management frameworks and methodologies like NIST CSF, ISO 27001, NIS2, ITIL, TISAX
• Strong technical expertise of IT systems/infrastructure & information security technical controls
• Excellent analytical, problem-solving, and decision-making skills
• Strong ability to manage and prioritize assignments based on fast paced and changing environment focusing on delivery
• Excellent English written and verbal communication skills
• Strong leadership, influencing, and people management abilities
• Relevant certifications, such as CISA, CISM, CRISC or ITIL, are a big plus

• Minimum of 7 years of experience in IT Information Security and 5+ years in IT risk management, IT governance and compliance space.
• Any Bachelor's degree or Master’s degree in Computer Science, Information Technology or related fields

In exchange we offer YOU the following benefits:

• Cafeteria and Private Health Care Insurance
• Flexible working arrangements and home office possibilities
• Structured onboarding support
• Diverse career paths (people management, subject matter expert)
• Development opportunities (free language courses, online learning courses)
• Company events, CSR activities and possibility to join social groups