Information Security GRC Specialist (f/m/d) in London

As Information Security GRC Specialist (f/m/d) you will own and drive Awin's global Information Security Risk Management capability end-to-end, ensuring the business not only understands its risks but takes measurable action to reduce them. You will be accountable for embedding a strong culture of risk ownership across the organisation, proactively identifying gaps, and driving remediation through to completion.

This role requires structured risk identification, assessment, and reporting whilst acting as an advisor to senior leadership and the board. It ensures that risk appetite is clearly defined, actively used in decision-making, and consistently monitored.

Your location: Ideally in Berlin, Munich, Madrid, Warsaw, London, Milan, Ia?i, Stockholm, or Paris (or in Germany, Spain, Poland, UK, Italy, Romania, Sweden, or France)

Key Tasks

• Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties. Ensure risks are prioritised and clearly articulated in business terms (financial, regulatory, reputational) to enable effective decision-making.
• Drive risk remediation to closure, holding risk owners accountable for delivery and escalating where progress stalls.
• Ensure risk management is embedded in cross-functional initiatives and considered as part of key business decisions.
• Own and maintain the Information Security Risk Register, ensuring it reflects true risk exposure, progress, and outcomes, not just status updates.
• Facilitate risk reviews that are focused on decisions, accountability, and measurable progress.
• Define, embed, and maintain the organisation's risk appetite, ensuring it is actively used in both business and technology decision-making.
• Establish and track KPIs that measure real improvements in risk posture, not just activity.
• Provide clear, opinionated, and actionable risk insights to senior management and the board.
• Act as the bridge between technical and business teams, ensuring risks are clearly understood and acted upon.
• Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted.
• Own and continuously improve Awin's global information security risk management framework, aligned to ISO 27001 and regulatory requirements.
• Monitor control effectiveness, proactively identify weaknesses, and drive improvements.
• Embed risk management into business processes so that risks are considered early and proactively, rather than retrospectively.
• As the most senior member of the team, mentor and develop GRC team members, building capability in risk management and assurance.
• Lead horizon scanning across emerging threats, regulatory changes, and industry developments, translating these into practical risk implications and actions for the business.

Skills & Expertise

• Proven track record of owning and delivering risk management initiatives end-to-end.
• Experience driving risk remediation across teams without direct authority.
• Strong experience presenting and defending risk positions to senior leadership and boards.
• Hands-on experience within an ISO 27001-certified ISMS environment.
• Strong knowledge of frameworks such as ISO 27001.
• Experience designing, implementing, or improving control frameworks.
• Experience with GRC platforms (e.g. Hyperproof).
• Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders.

Our Offer

• Flexi-Week and Work-Life Balance: We prioritise your mental health and well-being, offering you a flexible four-day Flexi-Week at full pay and with no reduction to your annual holiday allowance. We also offer a variety of different paid special leaves as well as volunteer days.
• Remote Working Allowance: You will receive a monthly allowance to cover part of your running costs. In addition, we will support you in setting up your remote workspace appropriately.
• Flexi-Office: We offer an international culture and flexibility through our Flexi-Office and hybrid/remote work possibilities to work across Awin regions.
• Development: We've built our extensive training suite Awin Academy to cover a wide range of skills that nurture you professionally and personally, with trainings conveniently packaged together to support your overall development.
• Appreciation: Thank and reward colleagues by sending them a voucher through our peer-to-peer program.

Established in 2000, Awin is proud of our dynamic, social and inclusive culture. Like all businesses, we've had to adapt and nurture our culture in a virtual environment. Our virtual hub brings our colleagues from across the globe together for various social activities. Diversity & Inclusion are paramount to us, and we proudly pursue and hire diverse team members. We champion uniqueness and authenticity; this is who we are at our core. Our network of affiliate partnerships are diverse and transparent, as are the employees powering our vision to build the world's leading open partner ecosystem. We welcome all backgrounds, identities, and experiences. If you need support at any point in the application or interview process, please let us know.

Awin is part of the Axel Springer group. Learn more at , and explore the Axel Springer Essentials here: Apply now to begin the next stage of your career at a progressive company that supports both your professional and personal development.