MissionApply now, read the job details by scrolling down Double check you have the necessary skills before sending an application.Our client is looking for a Security Officer to support the security assessment of critical business and IT initiatives.The objective is to identify, assess, and mitigate cyber and IT risks from the early stages of project delivery, ensuring that security, compliance, and resilience requirements are integrated into solution design and implementation.This role requires a strong combination of technical security expertise, risk management capabilities, and stakeholder engagement skills.Key responsibilitiesTechnical risk assessment: Analyze complex application and infrastructure architectures to identify security risks and vulnerabilities.Review data flows, integrations, APIs, cloud environments, and Micro Services architectures.Apply recognized methodologies such as OWASP Risk Rating and ISO 27005.Security governance & compliance: Ensure alignment with internal security policies and applicable regulations.Support compliance initiatives related to GDPR, NIS2, and industry security frameworks.Participate in risk acceptance and remediation processes.Architecture & design reviews: Perform security reviews during project design phases.Challenge architectural decisions from a security perspective.Identify security gaps before production deployment.Third-party risk management: Assess security aspects of external vendors and service providers.Review contracts and technical security documentation.Stakeholder management: Collaborate closely with Architects, Dev Ops Engineers, Product Owners, and Project Managers.Facilitate workshops and security review sessions.Translate technical risks into business-oriented recommendations.Reporting: Produce clear and actionable risk assessment reports.Present findings and recommendations to management and governance bodies.Required skills & experienceSecurity & risk frameworks: Strong expertise with: ISO 27001 / 27002 / 27005NIST Cybersecurity FrameworkOWASP methodologiesNIS2 DirectiveTechnical expertise: Experience reviewing modern application architectures.Strong understanding of: APIsMicro ServicesCloud environments (GCP preferred)Security architecture principlesProfessional experience: Minimum 5 years of experience in Cyber Security.Proven background in GRC, Security Architecture, Risk Management, or related security functions.Soft skills: Strong analytical and investigative mindset.Ability to identify hidden risks and challenge assumptions.Excellent communication skills.Ability to explain complex technical topics to non-technical stakeholders. xirbnpk Languages: Professional fluency in English.