H2Mission /h2 br/ Our client is looking for a Security Officer to support the security assessment of critical business and IT initiatives.br/ br/ The objective is to identify, assess, and mitigate cyber and IT risks from the early stages of project delivery, ensuring that security, compliance, and resilience requirements are integrated into solution design and implementation.br/ This role requires a strong combination of technical security expertise, risk management capabilities, and stakeholder engagement skills.br/ br/ h2Key responsibilities /h2 ul liTechnical risk assessment: ul liAnalyze complex application and infrastructure architectures to identify security risks and vulnerabilities. /li liReview data flows, integrations, APIs, cloud environments, and MicroServices architectures. /li liApply recognized methodologies such as OWASP Risk Rating and ISO 27005. /li /ul /li liSecurity governance compliance: ul liEnsure alignment with internal security policies and applicable regulations. /li liSupport compliance initiatives related to GDPR, NIS2, and industry security frameworks. /li liParticipate in risk acceptance and remediation processes. /li /ul /li liArchitecture design reviews: ul liPerform security reviews during project design phases. /li liChallenge architectural decisions from a security perspective. /li liIdentify security gaps before production deployment. /li /ul /li liThird-party risk management: ul liAssess security aspects of external vendors and service providers. /li liReview contracts and technical security documentation. /li /ul /li liStakeholder management: ul liCollaborate closely with Architects, DevOps Engineers, Product Owners, and Project Managers. /li liFacilitate workshops and security review sessions. /li liTranslate technical risks into business-oriented recommendations. /li /ul /li liReporting: ul liProduce clear and actionable risk assessment reports. /li liPresent findings and recommendations to management and governance bodies. /li /ul /li /ul br/ h2Required skills experience /h2 ul liSecurity risk frameworks: /li liStrong expertise with: ul liISO 27001 / 27002 / 27005 /li liNIST Cybersecurity Framework /li liOWASP methodologies /li liNIS2 Directive /li /ul /li liTechnical expertise: ul liExperience reviewing modern application architectures. /li liStrong understanding of: ul liAPIs /li liMicroServices /li liCloud environments (GCP preferred) /li liSecurity architecture principles /li /ul /li /ul /li liProfessional experience: ul liMinimum 5 years of experience in Cyber Security. /li liProven background in GRC, Security Architecture, Risk Management, or related security functions. /li /ul /li liSoft skills: ul liStrong analytical and investigative mindset. /li liAbility to identify hidden risks and challenge assumptions. /li liExcellent communication skills. /li liAbility to explain complex technical topics to non-technical stakeholders. /li /ul /li liLanguages: Professional fluency in English. /li /ul