Job
- Level
- Senior
- Job Field
- IT, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Hanover
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you will develop a comprehensive information security risk management by identifying, assessing, and managing risk mitigation progress while closely collaborating with senior leadership.
Job Technologies
Your role in the team
- As an Information Security Risk Specialist (m/f/d), you will own and drive Awin's global Information Security Risk Management capability end-to-end, ensuring the business not only understands its risks but takes measurable action to reduce them.
- You will be accountable for embedding a strong culture of risk ownership across the organisation, proactively identifying gaps, and driving remediation through to completion.
- This role requires structured risk identification, assessment, and reporting whilst acting as an advisor to senior leadership and the board.
- It ensures that risk appetite is clearly defined, actively used in decision-making, and consistently monitored.
- Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties.
- Ensure risks are prioritised and clearly articulated in business terms (financial, regulatory, reputational) to enable effective decision-making.
- Drive risk remediation to closure, holding risk owners accountable for delivery and escalating where progress stalls.
- Ensure risk management is embedded in cross-functional initiatives and considered as part of key business decisions.
- Own and maintain the Information Security Risk Register, ensuring it reflects true risk exposure, progress, and outcomes, not just status updates.
- Facilitate risk reviews that are focused on decisions, accountability, and measurable progress.
- Define, embed, and maintain the organisation's risk appetite, ensuring it is actively used in both business and technology decision-making.
- Establish and track KPIs that measure real improvements in risk posture, not just activity.
- Provide clear, opinionated, and actionable risk insights to senior management and the board.
- Act as the bridge between technical and business teams, ensuring risks are clearly understood and acted upon.
- Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted.
- Own and continuously improve Awin's global information security risk management framework, aligned to ISO 27001 and regulatory requirements.
- Monitor control effectiveness, proactively identify weaknesses, and drive improvements.
- Embed risk management into business processes so that risks are considered early and proactively, rather than retrospectively.
- As the most senior member of the team, mentor and develop GRC team members, building capability in risk management and assurance.
- Lead horizon scanning across emerging threats, regulatory changes, and industry developments, translating these into practical risk implications and actions for the business.
This text has been machine translated. Show original
Our expectations of you
Qualifications
- Proven track record of owning and delivering risk management initiatives end-to-end.
- Strong knowledge of frameworks such as ISO 27001.
- Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders.
Experience
- Experience driving risk remediation across teams without direct authority.
- Strong experience presenting and defending risk positions to senior leadership and boards.
- Hands-on experience within an ISO 27001-certified ISMS environment.
- Experience designing, implementing, or improving control frameworks.
- Experience with GRC platforms (e.g., Hyperproof).
This text has been machine translated. Show original
What we offer
- We prioritise your mental health and wellbeing by offering you a four-day Flexi-Week (with one lighter or completely disconnected day per week) at full pay, with no reduction to your annual holiday allowance.
- We offer an international culture and flexibility through our hybrid/remote working scheme which is designed to foster a culture of mutual trust and working flexibility.
- You will receive a monthly allowance to cover part of your running costs, as well as a furniture package to support you in setting up a comfortable workspace when working from home.
- With our support and access to various initiatives and sports offers, you can focus on your mental and physical wellbeing.
- We've built our extensive training suite, Awin Academy, to cover a wide range of skills that support your professional and personal growth, with trainings conveniently packaged to help your overall development.
- Thank and reward colleagues by sending them a voucher through our peer-to-peer recognition programme.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Topics that you deal with on the job
Job Locations
This is your employer
AWIN Inc.
Assecor is an innovative, family-run IT consulting and software development company with locations in Berlin, Stralsund, Nürnberg, and Riga. We have 11 years of success working with enterprise and small business customers in various industries. Our goal is to provide our customers with the best possible solution and support them in implementing their projects.
Description
- Company Size
- 50-249 Employees
- Company Type
- Established Company
- Working Model
- Full Remote, Hybrid, Onsite
- Industry
- Internet, IT, Telecommunication
Information Security Risk Specialist
- Location
- Hanover
- Working Model
- Hybrid, Onsite
- Diversity
- Open for all genders
- English Only
- English only required
