Portfolio Security and Compliance Manager (Part-Time)

  • Job
    Full-time
    Senior Level
  • IT & Cybersecurity
  • Germany, +9
    Remote

AI generated summary

  • You need a bachelor's in a relevant field, 5+ years with senior leaders, experience in compliance and cybersecurity, ISO 27001 knowledge, strong analytical skills, and excellent communication abilities.
  • You will implement cybersecurity strategies, conduct risk assessments, ensure compliance with standards, coordinate audits, advise on regulations, and foster a culture of security awareness.

Requirements

  • Bachelor’s degree in Information Security, Compliance, Computer Science, or a related field.
  • At least 5 years’ experience of working with Senior Leaders to deliver change or results.
  • Professional certifications such as ISO 27001 Lead Auditor, CISM, CISSP, or equivalent are highly desirable.
  • Proven experience in compliance, cybersecurity, and risk management, preferably in the software and services sector.
  • Cybersecurity strategy and implementation
  • ISO 27001, ISO 9001, and GDPR compliance management
  • Incident response and crisis management
  • Risk assessment and mitigation
  • Auditing and documentation
  • Employee training and awareness programs
  • Strong analytical and problem-solving skills.
  • Thorough and accurate auditing & documenting experience
  • Strong communication skills to inspire and educate others

Responsibilities

  • Implement and monitor comprehensive cybersecurity strategies in collaboration with the Valsoft Security team to protect against emerging threats.
  • Conduct regular risk assessments, vulnerability assessments, and penetration tests.
  • Work closely with the portfolio companies' IT and development teams to ensure secure coding practices, system configurations, and continuous monitoring.
  • Respond to cybersecurity incidents and coordinate investigations and incident response activities.
  • Maintain and update cybersecurity policies and procedures for our portfolio companies, ensuring compliance with industry best practices.
  • Ensure the portfolio companies’ full compliance with ISO 27001 (Information Security), ISO 9001 (Quality Management), and GDPR.
  • Lead the preparation, documentation, and implementation of audits and certifications.
  • Coordinate with external auditors to maintain certifications and manage audit processes.
  • Develop, implement, and manage data protection programs, ensuring all data privacy practices comply with GDPR and other applicable laws.
  • Advise leadership and staff on any relevant changes in legislation, standards, and compliance requirements.
  • Monitor local regulations and other industry-specific compliance obligations and update policies as needed.
  • Act as Data Protection Officer for the Portfolio companies when one is not present.
  • Act as main point of contact with the ICO.
  • Liaise with customers regarding their data protection needs.
  • Promote data protection awareness and understanding across the Portfolio.
  • Escalate and report any areas of concern identified to the Portfolio Management Team with a plan of action.
  • Work with the Valsoft Security team and the Portfolio companies' IT teams to update policies on data security and breach management.
  • Lead employee training on compliance-related topics, policies or procedures, including induction days.
  • Provide advice and direction across the organisation in understanding the risks relating to non-conformance with regulations. Promote a culture of robust regulatory compliance and continuous improvement.
  • Document management, including ensuring all documents, policies, procedures, guidance and checklists are tracked, reviewed, up to date and stored correctly.
  • Ensure compliance with Valsoft training and awareness programs for employees on security and compliance policies.
  • Foster a culture of cybersecurity awareness and data protection within the organization.
  • Communicate compliance requirements and risk management strategies to all levels of the organization.
  • Identify, evaluate, and mitigate risks related to information security and regulatory compliance.
  • Maintain a risk register and regularly report to senior leadership on the company’s risk posture.
  • Collaborate with relevant teams to mitigate risks and ensure the continuity of business operations.
  • Develop and maintain comprehensive documentation, including security policies, compliance manuals, audit reports, and incident reports.
  • Prepare and present regular reports to executive leadership on cybersecurity and compliance matters.

FAQs

What are the working hours for this part-time position?

This position is offered on a part-time basis at 2-2.5 days per week (or similar).

What qualifications are required for this role?

A Bachelor's degree in Information Security, Compliance, Computer Science, or a related field is required, along with at least 5 years of experience in a similar role.

Is there a requirement for certifications in this position?

Yes, professional certifications such as ISO 27001 Lead Auditor, CISM, CISSP, or equivalent are highly desirable.

What will be my main responsibilities as a Portfolio Security and Compliance Manager?

Your main responsibilities will include cybersecurity management, compliance oversight, training and awareness, risk management, documentation and reporting, and ensuring compliance with standards and regulations.

Will I be involved in incident response activities?

Yes, you will be responsible for responding to cybersecurity incidents, coordinating investigations, and managing incident response activities.

Do I need to liaise with external auditors?

Yes, you will coordinate with external auditors to maintain certifications and manage audit processes.

Can you tell me more about the benefits offered for this position?

Benefits include private medical cover through Aviva and life assurance cover of 4x base salary, both available upon successful completion of your probationary period.

What skills are important for this role?

Key skills include cybersecurity strategy and implementation, ISO 27001, ISO 9001, and GDPR compliance management, incident response, risk assessment, and strong communication skills.

Is there a focus on employee training in this position?

Yes, you will lead employee training on compliance-related topics and promote a culture of awareness and understanding regarding cybersecurity and data protection.

How do I apply for this position?

Details for applying can typically be found on the Valsoft Corporation careers page or through the job posting platform where the listing is found.

We never stop building. A vertical acquisition software company that owns, operates and manages a diverse portfolio.

  • Industry: Technology
  • Employees: 1001-5000
  • Founded Year: 2016

Mission & Purpose

Aspire Software, the operational arm of Valsoft Corp, operates and manages Valsoft’s global portfolio of wholly owned software companies, providing mission-critical solutions across multiple verticals. By implementing industry best practices, Aspire delivers a time-sensitive integration process, and the operation of a decentralized model has allowed it to become a hub for creating rapid growth by reinvesting in its portfolio. Rather than seeking specific verticals, we seek companies with a solid foundation of outstanding products and passionate employees, with an endless potential for growth. We work in a decentralized structure with existing management and employees and offer opportunities for growth under the Aspire umbrella. Owners who are looking for an exit plan without abandoning their dedicated employees can rest easy knowing Aspire offers a permanent home for their business.