Job Title: Compliance & Controls Specialist | GRC Cybersecurity Our People, Our Energy! The Motor Oil Group At Motor Oil Group, our people are our energy! We support the Greek economy with exports to over 75 countries, thousands of employees, and continuous new investments. We work together to shape the future of energy and we focus on developing and empowering our people, cultivating their talents that will shape our future journey towards the energy transition. Starting with the role: We are searching to hire a Compliance & Controls Specialist | GRC Cybersecurity to join the MOH Team. The individual will be primarily responsible for the effectiveness of the information security governance program, ensuring compliance with relevant laws, regulations, and policies associated with the organization's information security practices. During your day you will: Support the development and maintenance of an information security governance framework that includes policies, procedures, standards, and guidelines to ensure the confidentiality, integrity, and availability of information assets. Provide guidance and support to employees on cybersecurity policies and procedures. Promote a culture of security awareness and ensure staff understand their roles in maintaining compliance. Maintain metrics and dashboards to track the performance and effectiveness of security controls. Support compliance to relevant laws, regulations, and policies, including but not limited to data protection, privacy, and information security standards such as ISO 27001, NIST, and PCI DSS Collaborate with internal stakeholders, to ensure that information security controls are integrated into business processes and systems. Facilitate gathering, reviewing, and assembling internal and external audit evidence. Contribute to the development and delivery of a comprehensive information security training and awareness program for employees. What you need to stand out: Bachelor’s degree in information technology, Computer Science or related field Master’s degree in information security will be preferred At least 3 years professional experience preferably on Information Security GRC Prior experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls. Experience in data classification labelling, data loss prevention exercises and controls / mechanisms enforcement. Excellent command of the Greek and English language (oral and written) Auditor Certification of ISO27001 will be preferred.