Senior Cyber Security GRC Officer
Lead cyber security governance, risk and compliance in a global enterprise—shape frameworks, strengthen resilience, and drive security culture with real business impact.
About the Company
Avaron AB is a growing consultancy focused on technology, finance, and business support. We match your expertise with the market's most interesting assignments, offering a platform where your professional development is central.
About the Assignment
In this role, you will strengthen and evolve a global cyber security Governance, Risk and Compliance (GRC) capability. You will help ensure a robust, scalable security posture aligned with business objectives by developing governance structures, managing cyber and technology risks, and driving compliance with relevant laws, standards, and regulatory requirements.
You will work closely with multiple internal functions and external stakeholders to continuously improve services, processes, and controls—while acting as a clear and visible advocate for cyber security across the organization.
Job Description
- Contribute to the development and continuous improvement of cyber security GRC frameworks
- Ensure governance structures and steering documents are accessible, understood, and adopted across the organization
- Conduct and oversee cyber risk assessments at enterprise and operational levels
- Maintain and regularly update central risk registers to enable risk-informed decision-making
- Develop audit and control testing schedules and evaluate compliance levels and control effectiveness
- Drive continuous improvement by identifying and implementing more effective and efficient controls and processes
- Collaborate with internal teams and external stakeholders, including third-party vendors, to manage cyber security risks and ensure alignment with internal standards and contractual obligations
- Act as a cyber security ambassador by making complex topics understandable and actionable for employees
Requirements
- Typically, 5+ years in cyber security in a global enterprise
- Typically, 3+ years in governance, risk management and compliance
- Relevant education within GRC and/or information and cyber security (e.g., university degree, higher vocational education) or equivalent work experience
- Good knowledge of regulatory compliance, preferably in a global market context
- Good knowledge of cyber security best practices, standards and maturity models (e.g. ISO 27001, ISO 31000, ISO 22301, NIST CSF, C2M2)
- Proven track record in risk management and reporting for global enterprises
- Experience designing, implementing and governing cyber security frameworks
- Experience working with auditors and QSAs in security assessments and certification processes
- Strong communication and collaboration skills in English
- Experience driving security awareness activities and building security culture
- Proven change management skills
Nice to have
- CISM, CISSP, CCISO or equivalent certification in information and cyber security
- ISO 27001 certification (e.g. Lead Implementor or Lead Auditor)
Application
Selections are made on an ongoing basis, so we recommend that you apply as soon as possible.
- Platser
- Stockholm
- Distansarbete
- Hybridarbete
Stockholm
Om Avaron AB
Avaron grundades med visionen om att skapa ett konsultbolag där kompetens och livskvalitet går hand i hand. Vi är ett nischat team som idag verkar inom komplexa miljöer såsom bank, finans och storskalig industri.
Som konsult hos oss får du det bästa av två världar: tryggheten och de spännande uppdragen hos stora, etablerade uppdragsgivare, kombinerat med det lilla bolagets snabbhet, transparens och personliga kontakt.
Vi tror inte på krångliga hierarkier eller onödig administration. Istället lägger vi kraften på det som faktiskt betyder något – att leverera värde i våra projekt och att se till att våra medarbetare trivs, utvecklas och har en balans i livet som fungerar på riktigt.