Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within a BFSI context.
Responsibilities
Develop, maintain, and enhance the Information Security Management System (ISMS) based on ISO 27001/27002 or equivalent standards.
Conduct enterprise-wide information security risk assessments, risk treatment planning, and continuous control monitoring.
Maintain policy frameworks, standards, guidelines, and procedures.
Ensure timely closure of information security findings across the business.
Manage compliance with industry regulations and BFSI-specific frameworks (e.g., PCI DSS, SOC 2, ISO 27017/18, ISO 27032, local data protection acts).
Track and report security posture, cyber risk exposure, key metrics, and compliance maturity to leadership.
Own and evolve Cellulant's Business Continuity Management System (BCMS).
Lead the development, review, and testing of BCPs, DR plans, and crisis management procedures.
Conduct Business Impact Analyses (BIAs) and risk assessments across critical business functions.
Coordinate and lead resilience exercises, tabletop simulations, and post-incident reviews.
Support implementation of privacy-by-design and privacy-by-default controls.
Monitor compliance with relevant data protection and privacy laws (e.g., GDPR, regional data protection regulations).
Review vendor security questionnaires, external audit reports, penetration test summaries, and data protection agreements.
Evaluate cloud, SaaS, managed services, and critical suppliers for compliance with BFSI security and privacy requirements.
Provide expert GRC advisory support to cross-functional teams including IT, engineering, operations, legal, compliance and product.
Design and promote security and privacy awareness programs.
Requirements
5–8+ years of experience in Information Security, GRC, audit, privacy, or risk management roles
Proven experience working in or supporting the BFSI sector, with strong understanding of industry regulatory, privacy, and security obligations
Hands-on Business Continuity Management experience, including running BIAs, maintaining BC/DR plans, and coordinating DR/BC exercises
Deep familiarity with frameworks and standards such as: ISO 27001/27002, NIST CSF, PCI DSS, SOC 2, and ISO 22301
GDPR (EU), NDPA (Nigeria) and other global/regional data privacy laws
Strong understanding of cloud security principles (AWS)
Demonstrated experience producing documentation, process improvements, risk reports, and audit deliverables
Experience working cross-functionally with technical and non-technical teams.
One or more of the following (or equivalent):
Information Security: CISSP, CISM, SSCP, ISO 27001 Lead Implementer/Auditor
Business Continuity: CBCP, ISO 22301 Lead Implementer/Auditor
Privacy: CIPP/E, CIPM, CDPSE, ISO 27701 Lead Implementer/Auditor, certified DPO
Risk & Compliance: CRISC, CGEIT
Benefits
Generous personal time off
Medical and life insurance benefits (markets permitting)
Job title
Senior Specialist, Information Security Governance, Risk & Compliance