IT Governance, Risk, and Compliance Specialist

Posted 29 August 2025
Salary Negotiable
LocationSwitzerland
Job type Contract
Discipline Cyber Security
ReferenceBBBH39788

Job description

IT Governance, Risk, and Compliance Specialist (IT GRC)
Location: Fully remote.
Contract Length: 6 months (potential extension)

We're working with a leading organisation in the pharmaceutical sector that is strengthening its IT governance and cybersecurity framework in line with CIS controls and upcoming NIS2 regulation. They are now seeking an experienced IT Governance, Risk, and Compliance (GRC) Specialist to support the development of critical cybersecurity policies and processes.

This is a hands-on contract role, suited to a GRC generalist with strong policy writing experience who can cover a broad range of areas including disaster recovery, backup, identity and access management, physical security, and risk management.

What you'll be doing

  • Drafting and refining IT and cybersecurity policies across key areas such as incident response, vulnerability management, disaster recovery, backup, password management, asset management, and network security.

  • Supporting the development of a control framework aligned to CIS and NIS2.

  • Providing practical input into risk management processes and treatment plans.

  • Developing documentation and processes for physical security (e.g. facility access controls and site-specific policies).

  • Working closely with internal stakeholders to ensure policies are clear, practical, and aligned with regulatory requirements.

What we're looking for

  • 5+ years of experience in IT GRC, compliance, or a related role.

  • Proven experience writing and developing IT policies and processes.

  • Strong background in IT disaster recovery and backup.

  • Knowledge of identity and access management and associated controls.

  • Experience with physical security policy development.

  • A broad GRC background, able to work across multiple domains.

  • Excellent written and verbal communication skills in English.

Why join?

  • Play a key role in shaping an organisation's cybersecurity policy framework during a critical period of regulatory change.

  • Fully remote position.

  • Initial 6 month contract with the potential to extend.

If you have the experience and are available for a new contract opportunity, please apply with your CV or get in touch for a confidential conversation.