Cybersecurity Lead

Cyber GRC Lead


Europe-based | Hybrid | Metals & Mining Industry

Full-time


About the Role

A leading organization in the metals and mining industry is seeking an experienced and motivated Cyber Governance, Risk, and Compliance (GRC) Lead to strengthen its enterprise-wide cybersecurity posture. This position plays a critical role in shaping cyber risk strategy, managing compliance initiatives, and ensuring operational readiness for audits and regulatory assessments.

As a Cyber GRC Lead, you will partner closely with cybersecurity, IT, internal audit, and business stakeholders to maintain robust risk management practices and regulatory compliance, especially across European operations.


Key Responsibilities


Cyber Risk Management

  • Implement and support the enterprise cyber risk framework.
  • Identify, assess, and track cyber risks and mitigation plans across the organization.
  • Ensure risk reporting is consistent at both executive and operational levels.

Audit Coordination

  • Lead cybersecurity-related audit initiatives including maturity assessments and control framework testing.
  • Coordinate evidence gathering and post-audit action plans with relevant teams.
  • Ensure findings are risk-evaluated and define effective mitigation plans for them.

Gap Remediation Oversight

  • Monitor and drive remediation of identified cybersecurity gaps.
  • Track and maintain up-to-date records of remediation efforts.
  • Collaborate with CISOs, IT, and business units to resolve issues efficiently.

External Compliance

  • Support compliance with cybersecurity standards and regulations (e.g., TISAX, NIS2).
  • Facilitate certifications and assessments with external bodies.
  • Stay current with cybersecurity regulatory developments.

Policies & Procedures

  • Review and improve cybersecurity policies in collaboration with Group Risk & Compliance.
  • Ensure processes align with legal and regulatory reporting obligations during cyber incidents.

Reporting & Communication

  • Prepare regular compliance and risk reports for senior leadership.
  • Maintain clear documentation of activities, decisions, and compliance status.


Requirements

  • Extensive experience in cybersecurity, including project management or CISO roles.
  • At least 5 years in GRC-focused roles within cybersecurity.
  • Strong familiarity with cyber risk and compliance frameworks: ISO 27001, NIST, NIS2, ISO 27005, FAIR, etc.
  • Proven ability to manage cross-functional stakeholders.
  • Experience with internal and external audits.
  • Excellent communication, problem-solving, and analytical skills.
  • Comfortable working in international and sensitive environments.
  • Languages: Fluent in English; additional European languages (e.g., French, Spanish, Dutch, German, Polish) are a plus.
  • Education: Master's degree in Information Security, Computer Science, Risk Management, or a related field.


Why Apply?

  • Play a key leadership role in cyber risk and compliance for a major industrial player.
  • Work at the intersection of technology, risk, and regulation.
  • Be part of a globally collaborative and dynamic environment.

