Security Professional, Security Governance

October 23

Apply Now

Receive Emails with Similar Jobs

Syntax

WebsiteLinkedInAll Job Openings

Enterprise • Cloud Computing • Professional Services

Syntax is a company that provides enterprise cloud solutions focused on SAP and Oracle EBS integrations. They cater to various industries, offering tailored services that enhance operational efficiency through solutions like Hybrid Cloud and Security Beyond ERP. Syntax also emphasizes the importance of professional networking and community engagement, aiming to connect talent with opportunities.

1001 - 5000 employees

Founded 1972

🏢 Enterprise

📋 Description

• Maintain and enhance the ISMS, ensuring processes are documented, monitored, and continuously improved. • Develop, review, and maintain security policies, standards, and procedures (including technical standards such as IAM, Logging, Cloud Security, and SDLC) in collaboration with engineering and operations teams. • Participate in technical security discussions (e.g., logging, cloud controls, IAM, PAM, endpoint security) to ensure governance requirements are realistic and enforceable. • Review proposed technical designs or projects for alignment with security policies and standards. • Coordinate with GRC during internal and external audits by preparing evidence, ensuring timely responses, and tracking corrective actions to closure. • Support Enterprise Risk Management (ERM) activities by contributing to risk assessments, risk treatment planning, and monitoring mitigation progress. • Develop and deliver governance and policy-related training to business units, functional leaders, and technical teams. • Translate technical requirements into control language that auditors and business leaders can understand. • Provide input into governance metrics by maintaining dashboards, contributing data points, and preparing summaries for management and stakeholders. • Contribute to supplier and third-party governance activities by ensuring minimum security requirements are addressed in procurement processes. • Engage directly with customers to support the development or enhancement of their security governance programs, ensuring alignment with recognized frameworks and Syntax practices.

🎯 Requirements

• 3–5 years of experience in information security governance, compliance, or risk management roles, with exposure to ISMS (ISO 27001). • Strong knowledge of security domains: identity & access management, network security, cloud security, vulnerability management, logging/monitoring, incident response. • Ability to engage in technical discussions with engineers while writing governance documents in clear, business-oriented terms. • Strong knowledge of regulatory frameworks and standards (ISO 27001, SOC 2, NIST CSF, GDPR, etc.). • Hands-on experience supporting audits, evidence preparation, and corrective action tracking. • Exceptional policy/standards writing and stakeholder management skills. • Analytical, problem-solving, and critical thinking skills, with eagerness to continuously learn. • Resourceful, self-motivated, and effective in team environments. • Professional certifications such as ISO 27001 Lead Implementer/Lead Auditor or similar are an advantage. • English fluency (written and spoken).

🏖️ Benefits

• Competitive, above-average compensation • Work from abroad from time to time • Flexible working time models, home office • Attractive benefits, e.g. company pension scheme or various health offers • A modern environment in which the 'you' is part of it • Open feedback culture, flat hierarchies and a motivated team • Individual career planning with continuous training and coaching on the job