Specialist Security Advisor

About NDT GlobalNDT Global is the leading provider of inline diagnostic solutions, advanced data insights, and integrity management services that safeguard energy-sector infrastructure. The company is recognized for its expertise in both ultrasonic inspection technologies — such as Pulse Echo, Pitch-and-Catch, Phased Array, and Acoustic Resonance (ART Scan) — and ultra-high-resolution Magnetic Flux Leakage (MFL) inspection services. These differentiated offerings, along with non-ultrasonic technologies like Inertial Measurement Units and others in development, enable NDT Global to deliver comprehensive asset integrity solutions.Innovation is at the core of NDT Global's mission. By strategically applying inspection technologies to detect, diagnose, and model various types of threats, NDT Global provides predictive, decision-ready insights. These insights, driven by the world's most accurate data, enable asset owners to optimize infrastructure health, drive operational efficiencies, reduce risk, and minimize their carbon footprint.The Cyber Security Specialist – Governance, Risk & Compliance (GRC) is responsible for defining, implementing, and continuously improving NDT Global's cybersecurity governance, risk management, and compliance programs in alignment with global standards (CIS, NIST, ISO 27001). Operating within the IT team and collaborating across business units, this role ensures a consistent and proactive approach to cybersecurity governance, risk identification, and mitigation. Establish and maintain cybersecurity governance aligned with CIS Controls, NIST CSF, and ISO 27001.Lead maturity assessments and drive continuous improvement of cybersecurity postureLead the enterprise cybersecurity risk management program, including identification, evaluation, mitigation, and reporting of risks.Partner with IT and functional leads to remediate vulnerabilities and prioritize controls.Security Operations Support (20%)Collaborate with IT infrastructure teams to ensure consistent monitoring, incident detection, and response.Provide guidance during incident handling and root-cause analysis.Participate in threat-hunting, penetration testing, and vulnerability management cycles.Ensure adherence to regulatory and client security requirements across regions (e.g., Prepare and support internal and external IT security audits.Lead employee cybersecurity awareness programs.Collaborate with HR and IT to roll out phishing campaigns and training.Bachelor's degree in cyber security, Computer Science, Information Systems, or related discipline.Minimum 5 years in cybersecurity governance, risk, and compliance functionsProficiency in English (spoken and written); German language skills an advantage.Experience implementing or managing controls within CIS, NIST, or ISO 27001 frameworks.Experience supporting security operations, vulnerability management, and incident response.Familiarity with cloud and hybrid environments (Microsoft 365, Azure, AWS).Understanding of European data protection regulations (GDPR).Proficiency in Power BI or equivalent analytics platformsSkilled in policy lifecycle management tools and automated compliance workflowsDesigns and enforces scalable cybersecurity policies.Identifies and communicates risks effectively to senior management.Translates complex threats into actionable controls.Works across departments to embed cybersecurity in operations.Full benefits package effective immediately for employees and their dependentsOngoing training to keep your skills sharp and help you growRegular social events and programs to foster team spirit