InfoSec GRC Analyst

We are searching for a highly skilled dedicated InfoSec GRC Analyst to join our dynamic cybersecurity team. In this crucial role, you will be responsible for identifying and mitigating InfoSec risks, ensuring that Camunda continues to adhere to security standards, reviewing contracts and their InfoSec requirements, and helping with automating compliance monitoring. Manage and recommend improvements to Camunda's ISMS and drive Camunda's InfoSec audits (ISO 27001, SOC 2, and potentially more) with minimum supervision. Conduct vendor risk assessment and evaluate and support negotiations of information security clauses in contracts. Lead responses to complex security questionnaires from clients and stakeholders. Implement continuous monitoring of the effectiveness of our security controls into our GRC tool. Perform detailed risk assessments and execute risk mitigation strategies.