Security Engineer - Governance, Risk and Compliance (GRC), London, Lausanne
Join us for the Security Engineer - Governance, Risk and Compliance (GRC) role at myGwork - LGBTQ+ Business Community.
This position is with Isomorphic Labs, an inclusive employer and a member of myGwork. Please do not contact the recruiter directly.
About the Role
As a Senior Security Engineer - GRC, you will establish and maintain a security governance framework, ensuring compliance with industry standards and regulations, and fostering a culture of security awareness. Your work will directly impact the company's ability to innovate and achieve its ambitious goals in drug discovery powered by AI.
Responsibilities
1. Spearhead the development of IsoLabs' Information Security Management System (ISMS) and guide ISO 27001 certification efforts.
2. Implement and improve security policies, controls, and procedures aligned with industry best practices.
3. Monitor compliance with regulations, internal policies, and third-party requirements, addressing gaps proactively.
4. Collaborate with TechOps, Data Engineering, Legal, and Product teams on data governance and security solutions.
5. Lead security projects in partnership with Machine Learning and Drug Discovery teams.
6. Manage internal and external audit processes, including compliance reporting.
7. Define risk management strategies, secure vendor solutions, and meet third-party security standards.
8. Promote security awareness across the organization.
9. Oversee Vendor Security Assessments and improve related processes.
10. Support Incident and Vulnerability Management policies.
11. Ensure legal and regulatory alignment, especially regarding data privacy.
12. Report on KPIs to measure security effectiveness.
Minimum Requirements
* Strong IT and cybersecurity background with experience in cloud platforms.
* Experience developing security policies, standards, and procedures.
* Understanding of risk management frameworks (ISO/IEC 27001, GDPR, HITRUST).
* Excellent communication skills for diverse audiences.
* Experience with data governance, privacy controls, and data lifecycle management.
* Proven track record with audits and certifications.
* Project management skills and cross-team collaboration experience.
Preferred Qualifications
* Experience with Trusted Research or ML Environments.
* Background in BioTech or Pharma industries.
* Experience streamlining Vendor Security Assessments.
* Knowledge of security in AI-first environments.
* Relevant certifications (e.g., CISM, CISSP, ISO 27001 Lead).
Culture & Values
We value curiosity, bravery, determination, and collaboration. Our environment supports diversity, inclusion, and equal opportunity. We follow a hybrid work model requiring presence in the office three days a week, with accommodations available for special needs.