Hiring.Camp

Senior GRC Analyst & Information Security Officer

Northlandpower

·

4 days ago

Location
Warsaw Office, Poland
Workplace
Remote, Onsite
Type
Full-time
Department
Administration
Seniority
Senior
Source
Workday

Description

Who We Are:
At Northland, we’re enablers of change, united by our journey to transform the energy sector into the foundation for a sustainable future.

Since our inception, we’ve been early movers in the energy industry, adopting new initiatives that pave the way for communities across the globe and helping forge their path towards a carbon-neutral landscape.

We’re a different kind of independent power producer. As developers, owners and operators who are at the forefront of the energy transition, we’re uniquely positioned to leave a lasting impact in the regions where we operate. We’ve expanded our business across Canada, the United States, Latin America, Europe and Asia to become a global leader, all by bringing together industry experts to find solutions with an entrepreneurial mindset. 

While our work powers communities across the globe, Northland is powered by our people.

Reporting to the Head of IT/OT Security & Compliance, the Information Security Officer & Senior Security Analyst, GRC, is responsible for information security governance, risk management, and compliance across IT and OT environments, with a primary focus on the EU NIS2 Directive and Poland’s National Cybersecurity System Act (KSC Act).

As the local information security authority and regulatory liaison for Poland, this role ensures compliance with local legal and regulatory requirements while aligning them with the organization’s global information security framework. The position serves as a trusted advisor to business leaders, maintains an auditable information security compliance posture, and supports the organization’s obligations as an essential or important entity under applicable critical infrastructure protection legislation.

The role is also a member of the global IT/OT Governance, Risk, and Compliance (GRC) team, contributing to the broader enterprise security program.

This position will be based in our Warsaw office. Additionally, this role will be 4 days in office per week, with one flexible day available for employees to work from home.

Key Responsibilities

  • Lead the implementation and ongoing management of critical infrastructure and information security compliance programs, including NIS2 and the Polish KSC Act.
  • Maintain and continuously improve the Information Security Management System (ISMS), ensuring compliance with regulatory, corporate, and industry standards (e.g., ISO 27001).
  • Serve as the primary liaison with regulators and critical infrastructure protection authorities, ensuring timely incident reporting, audit readiness, and regulatory compliance.
  • Identify, assess, and manage cyber and information security risks across IT and OT environments, including oversight of the enterprise cyber risk register and risk treatment activities.
  • Develop and maintain cybersecurity policies, standards, and governance frameworks, ensuring alignment between local regulatory requirements and global security practices.
  • Oversee compliance monitoring, internal and external audits, incident management, and the implementation of corrective actions.
  • Provide cybersecurity advisory support to business leaders and operational teams, embedding security requirements into business operations, projects, and strategic initiatives.
  • Manage third-party cybersecurity risk, including vendor assessments, due diligence, and ongoing oversight of critical service providers.
  • Deliver cybersecurity awareness and regulatory training programs and promote a strong security culture across the organization.
  • Drive continuous improvement of governance, risk, compliance, and security control effectiveness through metrics, reporting, and maturity assessments.

Who You Are:

  • Methodical and organized: You naturally work in a methodical way and relish the opportunity to add structure and order to your work. This will help with the competing priorities you will be managing.
  • Collaborative: You build relationships and enjoy working as a team player to get things done.
  • Independent: You are an independent thinker and naturally set your own timescales and milestones to ensure you meet your objectives. You know when you need to ask for help and are comfortable doing so.
  • Eager and adaptable: You are eager to learn and expand your skillset, and comfortable adapting to changing priorities in a fast-paced and deadline-driven environment.
  • A strong communicator: You have exceptional oral and written communication skills.

Qualifications and Experience

  • Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field.
  • 5+ years of cybersecurity experience with a focus on governance, risk, and compliance (GRC).
  • Experience implementing and managing NIS2, the Polish KSC Act, ISO 27001, or similar regulatory and security frameworks.
  • Professional certifications such as CISSP, CISM, CRISC, and/or ISO 27001 Lead Implementer/Auditor are preferred.
  • Strong understanding of cyber risk management frameworks (e.g., NIST CSF, ISO 27005), IT/OT security controls, and regulatory compliance requirements.
  • Experience supporting critical infrastructure, energy, industrial, or OT/ICS environments is preferred.
  • Proven audit, risk assessment, stakeholder management, and cybersecurity advisory experience.
  • Strong communication, presentation, and relationship management skills, with the ability to translate regulatory requirements into practical business controls.
  • Fluency in Polish and English.
  • Self-motivated, collaborative, hands-on professional with strong judgment, prioritization skills, and a passion for cybersecurity and critical infrastructure protection.

What’s In It for You: 

Our employees are the driving force behind our achievements. We are unwavering in our commitment to not only recognise your contributions but also to empower you to excel in every aspect of your life. Here's a glimpse of why Northland is the place where you'll truly thrive: 

  • Thoughtful benefits –A pension plan and health insurance are just a couple of the benefits you’ll have access to.

  • Wellbeing first – Staying true to our taking care of ourselves and each other value, you will have access to our global Wellness Program. 

  • Birthdays off – You will get your birthday off work so you can celebrate however you choose. This is a paid day off to do what is important to you! 

We hire talented and passionate people from different backgrounds. If you’re excited about a role but your past experience doesn’t align perfectly with this job description, we still encourage you to apply. Learn more about our diversity, inclusion and belonging commitments. 

#LI-SM1

#LI-HYBRID

This document is a guide. The duties, responsibilities, and requirements of the jobs as described herein are not inclusive and are subject to change.

Northland Power is an equal opportunity employer and we are committed to creating a fair, inclusive and accessible environment. As part of our commitment we work to ensure our application process is accessible to all candidates. If you require special assistance or accommodation during the hiring process, please notify a member of the HR Department.

 

We use AI‑enabled tools to help identify applications that meet job‑related criteria. All applications are reviewed and decisions are made by people.

Skills

CybersecurityRisk ManagementComplianceISO 27001CISSP

Similar Jobs

30

Senior GRC Analyst

Whoop · Boston, MA · Onsite

2 days ago

Senior GRC Analyst

ABM Industries · GA, United States, US

3 days ago

Senior GRC Analyst

Morganmorganjobsapplynow · Orlando, Florida, United States

2 weeks ago

Senior GRC Analyst

Garnerhealth · Remote · Remote

2 weeks ago

Senior GRC Analyst

Kokosing · Westerville Office, United States of America

1 month ago

GRC Senior Analyst

Upwind · Remote

1 month ago

Senior GRC Analyst

Doppler · Remote - USA · Remote

1 month ago

Senior GRC Analyst

Benepass · U.S Remote · Remote

2 months ago

Senior GRC Analyst

Workato · Palo Alto, California +1

2 months ago

Senior GRC Analyst

Radar · New York · Onsite

2 months ago

Senior GRC Analyst

Endsight · Napa · Remote

2 months ago

Senior GRC Analyst

Docker · Canada +7 · Remote

2 months ago

GRC Senior Analyst

Upwind · Remote

2 months ago

Senior GRC Analyst

Encore · CA - San Diego, United States of America +1

2 months ago

Senior GRC Analyst

Workato · Hyderabad, India +1

2 months ago

Senior GRC Analyst

Workato · Chennai, India +1

2 months ago

Senior GRC Analyst

Workato · Bangalore, India +1

2 months ago

GRC Senior analyst

HiNext · (DEAI HD) IN Bengaluru - Residency Road, India · Onsite

2 months ago

Senior GRC Analyst

Flagship Pioneering · Cambridge, MA USA +1

3 months ago

Senior GRC Analyst

Crusoe · San Francisco, CA - US · Onsite

3 months ago

Senior GRC Analyst

Flutterbe · Junglee Gurgaon, India +1

3 months ago

Senior GRC Analyst

HelloFresh · Warszawa, Masovian Voivodeship, Poland

3 months ago

Senior GRC Analyst

Iterable · Hybrid - Lisbon, Portugal +1 · Hybrid

4 months ago

Senior GRC Analyst

Junipersquare · USA · Remote

4 months ago

Senior GRC Analyst

Pattern · Pune, India · Hybrid

4 months ago

Senior GRC Analyst

Nextracker · Hyderabad, Telangana - IND, India

6 months ago

Senior GRC Analyst

Entrata · Lehi, Utah · Hybrid

1+ year ago

Senior GRC Analyst, HIPAA

Doordash USA · United States - Remote · Remote

3 weeks ago

Security GRC Senior Analyst

Salesforce · India - Hyderabad · Onsite

1 month ago

Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead)

Boeing · USA - Seattle, WA, United States of America +13 · Hybrid

1 month ago
Remote Senior GRC Analyst & Information Security Officer at Northlandpower | Hiring.Camp