IT GRC Officer - 12 month contract
Department: Information Technology
We are looking for an IT GRC Officer to lead Governance, Risk, and Compliance across the organization. This role will oversee policy management, risk frameworks, and ISO certification activities, ensuring our IT and security functions operate in a secure and compliant environment.
Key Responsibilities
- Lead and maintain ISO/IEC 27001 (ISMS) and ISO/IEC 20000 (ITSM) compliance.
- Manage full policy lifecycle (drafting, updating, governance).
- Conduct internal audits, support external ISO audits, and ensure regulatory compliance.
- Implement and manage risk frameworks aligned with ISO 31000 / NIST.
- Oversee risk registers, vendor risk assessments, and compliance reporting.
- Prepare dashboards, KPIs, and executive reporting on GRC performance.
Requirements
- Bachelor’s degree in IT, InfoSec, or related field.
- 3–5 years of experience in GRC, compliance, or information security.
- Strong knowledge of ISO 27001 & ISO 20000 standards.
- Experience with risk management frameworks and audit processes.
- Excellent communication and stakeholder management skills.
- Certifications such as ISO 27001 LI/LA, ISO 20000 LI, CISA, CRISC, or CISM preferred.