Information Security GRC Specialist
Job description
Information Security GRC Specialist (f/m/d)

To support the operation and continual improvement of Awin's Information Security Management System (ISMS), aligned to ISO 27001 and related standards. This role ensures effective governance, risk management, compliance monitoring, and education initiatives to protect Awin's information assets and meet regulatory and contractual obligations.

Core Responsibilities
* Ensure compliance with relevant local and EU information security regulations and international frameworks such as ISO 27001, PCI DSS, CIS, and NIST CSF.
* Drive the development, implementation, and continuous improvement of information security policies, standards, and procedures, ensuring they are business-enabling and scalable.
* Support the rollout of Awin's internal control framework across the globe, partnering with local teams to collate and verify control evidence.
* Conduct internal audits and control testing against ISO 27001 and support preparations for external audits and certification renewals.
* Monitor local regulatory developments and ensure internal controls remain compliant.
* Support and enhance the security risk management process, including risk assessments and maintenance of risk registers.
* Assist in the creation and regular review of incident response playbooks.

Additional GRC Activities
* Support the review of vendor contracts, RFPs, and data processing agreements to ensure compliance with Awin's risk appetite.
* Lead or support security awareness and training, including phishing simulations and workshops.
* Contribute to tracking and reporting cybersecurity KPIs/metrics.
* Participate in incident response coordination and post-mortem reviews.
* Assist with BAU GRC processes such as vendor due diligence and risk reviews.
* Mentor junior team members and promote a culture of collaboration, knowledge sharing, and continuous improvement across the team.

Professional experience and skills
* 2+ years of experience in an Information Security or IT Risk/Compliance role within a GRC function.
* Proven experience working within an ISMS environment certified to ISO/IEC 27001.
* Familiarity with security standards, regulatory requirements, and common control frameworks.
* Certifications such as CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.
* Excellent written communication and documentation skills (very good written and spoken English required).
* Strong attention to detail with a methodical and analytical mindset.
* Ability to collaborate across departments and build stakeholder trust.
* Proactive and adaptable; comfortable working in a fast-paced, changing environment.
* Demonstrates a project-oriented mindset with the ability to prioritise and manage competing tasks.

Our Offer
* Flexi-Week and Work-Life Balance: We prioritise your mental health and wellbeing, offering you a flexible four-day Flexi-Week at full pay and with no reduction to your annual holiday allowance. We also offer a variety of different paid special leaves.
* Flexi-Office: We offer an international culture and flexibility through our Flexi-Office and hybrid/remote work possibilities to work across Awin regions.
* Health & Well Being: With our support and access to various initiatives and sports offers, you can devote yourself to your mental and physical well-being.
* Development: We've built our extensive training suite Awin Academy to cover a wide range of skills that nurture you professionally and personally, with trainings conveniently packaged together to support your overall development.
* Remote Working Allowance: You will receive a monthly allowance to cover a part of your running costs. In addition, we will support you in setting up your remote workspace appropriately.
* Appreciation: Thank and reward colleagues by sending them a voucher through our peer-to-peer program.
* We are hiring in multiple countries, additional benefits in terms of
About the company
Part of the Axel Springer and United Internet Groups, Awin is a global affiliate network. With ShareASale, the Awin group is comprised of 15 offices worldwide, 1,000 employees, 200,000 contributing publishers and 15 500 advertisers, connecting customers with brands in over 180 countries around the globe. Operating across the retail, telecommunications, travel and finance verticals, Awin generated £13.85 billion in revenue for its advertisers and £614 million for its publishers in 2018.