Job
- Level
- Senior
- Job Feld
- IT, Security
- Anstellung
- Vollzeit
- Vertragsart
- Unbefristetes Dienstverhältnis
- Ort
- Hannover
- Arbeitsmodell
- Hybrid, Onsite
Job Zusammenfassung
In dieser Rolle entwickelst du ein umfassendes Informationssicherheitsrisikomanagement, indem du Risiken identifizierst, bewertest und die Fortschritte in der Risikominderung steuerst, während du eng mit Führungskräften zusammenarbeitest.
Job Technologien
Deine Rolle im Team
- As Information Security Risk Specialist (f/m/d) you will own and drive Awin's global Information Security Risk Management capability end-to-end, ensuring the business not only understands its risks but takes measurable action to reduce them.
- You will be accountable for embedding a strong culture of risk ownership across the organisation, proactively identifying gaps, and driving remediation through to completion.
- This role requires structured risk identification, assessment, and reporting whilst acting as a advisor to senior leadership and the board.
- It ensures that risk appetite is clearly defined, actively used in decision-making, and consistently monitored.
- Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties.
- Ensure risks are prioritised and clearly articulated in business terms (financial, regulatory, reputational) to enable effective decision-making.
- Drive risk remediation to closure, holding risk owners accountable for delivery and escalating where progress stalls.
- Ensure risk management is embedded in cross-functional initiatives and considered as part of key business decisions.
- Own and maintain the Information Security Risk Register, ensuring it reflects true risk exposure, progress, and outcomes, not just status updates.
- Facilitate risk reviews that are focused on decisions, accountability, and measurable progress.
- Define, embed, and maintain the organisation's risk appetite, ensuring it is actively used in both business and technology decision-making.
- Establish and track KPIs that measure real improvements in risk posture, not just activity.
- Provide clear, opinionated, and actionable risk insights to senior management and the board.
- Act as the bridge between technical and business teams, ensuring risks are clearly understood and acted upon.
- Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted.
- Own and continuously improve Awin's global information security risk management framework, aligned to ISO 27001 and regulatory requirements.
- Monitor control effectiveness, proactively identify weaknesses, and drive improvements.
- Embed risk management into business processes so that risks are considered early and proactively, rather than retrospectively.
- As the most senior member of the team, mentor and develop GRC team members, building capability in risk management and assurance.
- Lead horizon scanning across emerging threats, regulatory changes, and industry developments, translating these into practical risk implications and actions for the business.
Unsere Erwartungen an dich
Qualifikationen
- Proven track record of owning and delivering risk management initiatives end-to-end.
- Strong knowledge of frameworks such as ISO 27001.
- Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders.
Erfahrung
- Experience driving risk remediation across teams without direct authority.
- Strong experience presenting and defending risk positions to senior leadership and boards.
- Hands-on experience within an ISO 27001-certified ISMS environment.
- Experience designing, implementing, or improving control frameworks.
- Experience with GRC platforms (e.g. Hyperproof).
Unser Angebot
- We prioritise your mental health and wellbeing by offering you a four-day Flexi-Week (with one lighter or completely disconnected day per week) at full pay, with no reduction to your annual holiday allowance.
- We offer an international culture and flexibility through our hybrid/remote working scheme which is designed to foster a culture of mutual trust and working flexibility.
- You will receive a monthly allowance to cover part of your running costs, as well as a furniture package to support you in setting up a comfortable workspace when working from home.
- With our support and access to various initiatives and sports offers, you can focus on your mental and physical wellbeing.
- We've built our extensive training suite, Awin Academy, to cover a wide range of skills that support your professional and personal growth, with trainings conveniently packaged to help your overall development.
- Thank and reward colleagues by sending them a voucher through our peer-to-peer recognition programme.
Benefits
Work-Life-Integration
Themen mit denen du dich im Job beschäftigst
Job Standorte
Das ist dein Arbeitgeber
AWIN Inc.
Assecor ist ein innovatives, inhabergeführtes, mittelständisches IT- Beratungs- und Softwareentwicklungsunternehmen mit Standorten in Berlin, Stralsund, Nürnberg und Riga. Wir sind seit 11Jahren erfolgreich bei Enterprise- und Mittelstandskunden in verschiedenen Branchen tätig. Unsere Kunden schätzen unsere Kompetenz, Zuverlässigkeit und unser Engagement.
Description
- Unternehmensgröße
- 50-249 Employees
- Unternehmenstyp
- Etablierte Firma
- Arbeitsmodell
- Full Remote, Hybrid, Onsite
- Branche
- Internet, IT, Telekom
Information Security Risk Specialist
- Ort
- Hannover
- Arbeitsmodell
- Hybrid, Onsite
- Diversität
- Für alle Personen geeignet (m/w/d)
- Nur Englisch
- Nur Englisch erforderlich
