Information Security and Data Protection Specialist
Job Summary
Job Description
As an Information Security and Data Protection Specialist, you will be responsible for the strategy, roadmap, and daily execution of our information security and privacy program to mitigate risks, comply with regulations, and safeguard customer data. Key responsibilities include managing daily security operations, building and updating the security roadmap, conducting assessments and improvements, leading audits and risk assessments, introducing new security technologies, advising and overseeing security and privacy best practices, ensuring governance and compliance with regulations like ISO 27001 and GDPR, maintaining Records of Processing Activities (RoPA), handling incident response as a privacy lead, managing the GDPR program, serving as the primary privacy contact, and designing and delivering training and awareness sessions. The ideal candidate will have proven experience in managing information security and data protection in a regulated environment.
Must have:
- Manage information security and data protection.
- Deep knowledge of ISO 27001, GDPR, and related frameworks.
- Hands-on skill with security tech.
- Strong risk assessment and audit background.
- Clear communication skills to translate security jargon.
Good to have:
- Relevant certifications such as CISSP, CISM, CIPP/E are a plus.
7 skills required
Job Details
In this role, you will own the strategy, roadmap and day‑to‑day execution of our information security and privacy programme. Your mission: cut risk, meet regulatory demands, and keep our customers’ data safe.
Key Responsibilities
- Run daily security operations –Update and apply policies and standards that prevent loss, fraud and breaches.
- Build and update the security roadmap – set priorities, budget and timelines; track delivery.
- Assess and improve – perform ongoing process and system reviews; close gaps fast.
- Lead audits and risk assessments – scope, run, report and follow up. Manage the ISO 27001, Pentests, Vscans, and ISMS audits end to end.
- Introduce next‑gen security tech – evaluate, select and coordinate implementations.
- Advise and oversee – coach management and teams on security and privacy best practice.
- Governance and compliance – steer the organisation toward full alignment with ISO 27001, GDPR and other relevant laws.
- Maintain Records of Processing Activities (RoPA) – gather updates from every business unit and system owner.
- Incident response – act as privacy lead, ensure swift containment, notification and lessons learned.
- Own the GDPR programme – set annual objectives, maintain the policy framework, report progress to senior leadership.
- Primary privacy contact – handle enquiries from regulators, partners and data subjects.
- Training and awareness – design and deliver engaging sessions for onboarding, role‑specific deep dives and annual refreshers.
What You’ll Bring
- Proven experience managing information security and data protection in a regulated environment.
- Deep knowledge of ISO 27001, GDPR and related frameworks.
- Hands‑on skill with security tech
- Strong risk assessment and audit background.
- Clear communication – you translate security jargon into business language.
- Ability to influence at every level
- Relevant certifications (e.g., CISSP, CISM, CIPP/E) are a plus.
Success Looks Like
- Zero material security or privacy breaches.
- Clean audit findings and timely closure of actions.
- Measurable reduction in risk scores year on year.
- High staff engagement in security training.
- Regulators recognise our programme as best‑in‑class.
Similar Jobs
Simcorp
Warsaw, Masovian Voivodeship, Poland (Hybrid)
• 3 Months ago
SimpliSafe
Boston, Massachusetts, United States (Hybrid)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Kavalirio
Holly Springs, North Carolina, United States (On-Site)
• 3 Weeks ago
CME Group
Chicago, Illinois, United States (On-Site)
• 1 Month ago
Apple
Cupertino, California, United States (On-Site)
• 1 Month ago
whoop
Boston, Massachusetts, United States (On-Site)
• 1 Week ago
Palo Alto Networks
São Paulo, State Of São Paulo, Brazil (On-Site)
• 4 Weeks ago
Get notifed when new similar jobs are uploaded
Jobs in St. Julian's, Malta
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
bytedance
San Jose, California, United States (On-Site)
• 4 Months ago
Tide
Belgrade, Serbia (Hybrid)
• 3 Months ago
Get notifed when new similar jobs are uploaded
About The Company
Yggdrasil is a Games producer with a reputation for making the best games in the iGaming and online casino industry. After 5 years, we have an enviable track record of game releases and work with the biggest and best operator brands in the market. Driven by innovation, creativity, and technology in a truly open and multinational culture, we are enjoying huge year on year growth as our products and our team evolve, making bigger and better products with every release. If you want to be part of a really innovative, technology-focused game production team working with the best technologies we can find, get in touch.
Get notified when new jobs are added by Yggdrasil Sandbox
