In this role, you will contribute to the design, implementation, and continuous improvement of application security risk assessment frameworks and security controls across the organization.
You will perform security assessments on applications and technical environments, identify risks and control gaps, and provide clear, actionable recommendations to strengthen the overall security posture. You will also support the rollout and operationalisation of security capabilities in areas such as application security, software supply chain security, cryptography, data protection, and regulatory compliance (e.g., DORA, ISO).
Working closely with cross-functional teams including IT, Engineering, Architecture, Risk, and Business stakeholders, you will help integrate security requirements into processes, tools, and platforms while ensuring alignment with internal policies and regulatory expectations.
Key responsibilities:
-
Design and execute application security risk assessments
-
Identify threats, risk scenarios, and security control gaps
-
Provide detailed reporting and remediation recommendations
-
Support the implementation and improvement of security controls
-
Advise stakeholders on secure architecture and regulatory compliance
-
Contribute to documentation, governance, and tracking of security activities
We will be happy to hear from you if your background fits any of the following:
- Security Assessment Expert: Experienced in Security Risk Assessments, cybersecurity frameworks, DORA, ISO, MITRE, information security controls, and the design of security processes and solutions. ServiceNow GRC experience and CISSP certification are a plus.
- Senior Security Analyst: Experienced in the design and implementation of information security controls, application security, security governance, data classification, and cryptography governance/implementation, as well as database encryption and key management.