Mission Our client is looking for a Security Officer to support the security assessment of critical business and IT initiatives.
Ready to apply Before you do, make sure to read all the details pertaining to this job in the description below.
The objective is to identify, assess, and mitigate cyber and IT risks from the early stages of project delivery, ensuring that security, compliance, and resilience requirements are integrated into solution design and implementation.
This role requires a strong combination of technical security expertise, risk management capabilities, and stakeholder engagement skills.
Key Responsibilities Technical Risk Assessment Analyze complex application and infrastructure architectures to identify security risks and vulnerabilities.
Review data flows, integrations, APIs, cloud environments, and microservices architectures.
Apply recognized methodologies such as OWASP Risk Rating and ISO 27005.
Security Governance & Compliance Ensure alignment with internal security policies and applicable regulations.
Support compliance initiatives related to GDPR, NIS2, and industry security frameworks.
Participate in risk acceptance and remediation processes.
Architecture & Design Reviews Perform security reviews during project design phases.
Challenge architectural decisions from a security perspective.
Identify security gaps before production deployment.
Third-Party Risk Management Assess security aspects of external vendors and service providers.
Review contracts and technical security documentation.
Stakeholder Management Collaborate closely with Architects, DevOps Engineers, Product Owners, and Project Managers.
Facilitate workshops and security review sessions.
Translate technical risks into business-oriented recommendations.
Reporting Produce clear and actionable risk assessment reports.
Present findings and recommendations to management and governance bodies.
Required Skills & Experience Security & Risk Frameworks Strong expertise with: ISO 27001 / 27002 / 27005 NIST Cybersecurity Framework OWASP methodologies NIS2 Directive Technical Expertise Experience reviewing modern application architectures.
Strong understanding of: APIs Microservices Cloud environments (GCP preferred) Security architecture principles Professional Experience Minimum 5 years of experience in Cyber Security.
Proven background in GRC, Security Architecture, Risk Management, or related security functions.
Soft Skills Strong analytical and investigative mindset.
Ability to identify hidden risks and challenge assumptions.
Excellent communication skills.
Ability to explain complex technical topics to non-technical stakeholders. xphnsxz
Languages Professional fluency in English.