GRC consultant
GRC consultant at UNITAS in Aarhus North (Lystrup)
Are you a dedicated GRC consultant with a passion for information security?
Do you miss being part of a GRC/CISO/GDPR team whose members inspire each other daily with good energy, knowledge and ideas, and who appreciate the team's overall strength and ability to deliver services and products of very high quality?
Then read more below.
About UNITAS
UNITAS is a well-run company that specializes in information security, IT law and compliance.
UNITAS was established in 2019 by Morten Schaumann and Jacob Georg Naur. With their many years of experience as an IT security consultant and a lawyer, they wanted, in short, to build a bridge between IT and law. The vision was then, as now, that UNITAS should be the customers' preferred external information security and compliance department.
At UNITAS, we work continuously on organizational and employee development so that the framework and foundation are in place for the further development of both UNITAS and its employees.
We also work with self-directed teams, which together solve the tasks within a decision framework.
UNITAS today consists of 16 employees and we are now expanding the GRC team and are therefore looking for 2 new colleagues.
The working environment at UNITAS
In everyday life at the office, we are very social, help each other, engage in a number of joint activities and generally have a lot of fun, but we never lose sight of the academic or professional work.
IT equipment and digital tools are of high quality. The same is true of the physical environment, which contributes to job satisfaction, which is crucial to our success. You will experience great freedom under responsibility. We create an open dialogue through informal conversations where we share knowledge and support each other. We believe that good results are best achieved through collaboration and a focus on quality in delivery.
You will have great freedom to work at home, with customers or at the workplace in Lystrup. However, as a general rule, you must attend the office on Monday and Friday.
The position
As a GRC consultant at UNITAS, you will play a central role in ensuring that our customers comply with applicable regulations such as NIS 2, DORA, GDPR etc. You will be part of a team where you will have the opportunity for professional sparring with like-minded people. We offer a position with great influence where you can help build something meaningful, both for our customers and for UNITAS.
Example of a typical task
A common task involves e.g. a project within NIS 2, where you lead one or more workshops for management and/or board of directors as well as system owners at the customer in a small or large Danish or international company. As you can read, the customer portfolio is wide ranging, so as a consultant you also need to be able to handle the different cultures and norms of the customers.
You then plan in collaboration with the customer - possibly with the help of a Business Supporter from UNITAS – the further delivery of, for example, policies, procedures and tools as well as the execution of management education, awareness training, auditing and tests and more, depending on the customer's needs and maturity level.
You will thus have to write information security policies and procedures in accordance with a wide range of frameworks, including ISO, NIST, CMMC, CIS, ISAE3402/3000, etc. You will of course be supported by your colleagues in your work. For example, it is common for us to carry out a CIS Controls/CIS18 analysis so that you have a basis for evaluating the customer's current needs as well as advising on the results of the analysis and integrating them as proposals for improving existing policies and technical measures. You will naturally also discuss the technical measures with the appropriate specialists at UNITAS.
In the ISMS-supporting IT system (GRC system), you document the customer's systems, risks and the actions taken to reduce risks.
As a natural part of your work, you must report to the customer's management. It may be that you have to attend a board meeting or two, where you will be allowed to present the results of the preliminary work and make recommendations for the next steps. As you know, information security and compliance work is an ongoing task.
Some customers will want to hand over operational responsibility for information security to UNITAS. In these situations, the task ends with you handing over the work to UNITAS' service department, which then takes over the recurring annual-cycle tasks, so that the customer's needs are met for the future.
During the course of the assignment, you typically collaborate with 2-3 colleagues throughout the entire process. Together you cover the overall task, so that you get the opportunity to use your core competences in the best possible way and get support in areas outside your core competences from skilled colleagues.
We are looking for an employee who can contribute with:
- Minimum 2-3 years of practical experience within the GRC area, preferably in a consultant role.
- One or more relevant degrees or certifications, e.g. ISO27001 Lead Implementer / Lead Auditor, CISA or similar. If you have the right experience and personality but lack certifications to support this, we will of course support you in obtaining relevant certifications.
- The ability to handle tasks and make decisions independently, but also the ability to work in teams with 2-4 colleagues on a task.
- Excellent communication skills in Danish and English (we live by being able to write).
- Flexibility in connection with consulting tasks throughout the country, even if much can be solved remotely.
We offer
- Opportunity for professional sparring and development at a high level
- For example: the first 4 weeks with a personal "Talent development" meeting, where the learning program is initiated
- After that: an individual Talent development program
- Knowledge sharing meetings with your professional colleagues
- Friday knowledge sharing with all of UNITAS
- Great influence on own tasks and areas of responsibility
- Short path from idea to action and room for good ideas
- Minimal administration and limited time tyranny
- Good lunch arrangement
- Possibility to participate in frequent social events, fitness, padel etc. as well as an annual summer trip and a Christmas lunch.
- Common bonus scheme
- Possibility of flexible working hours, possibly less than 37 hours per week
- Although we are not a large company, our finances are solid and we have all formal aspects under control, such as pension, working from home and modern tools. We are located in Lystrup near Aarhus and work every day to be preferred by public and private organisations, where we act as their outsourced information security and compliance department.
Interested?
Send your CV or a link to your LinkedIn profile, incl. contact information, to job@unitas.consulting
If you have any questions about the position, please contact COO Kirsten Brøchner on tel. 28 78 09 23.
We treat all applications confidentially, and applicants are processed on an ongoing basis. We look forward to hearing from you.