Information Security Officer & Vulnerability Analyst

Is information security and protection part of your DNA And you would like to develop yourself professionally and personally in a global market leading conglomerate within hearing aids audio video and gaming solutions Then you might be our new colleague.

In the role as Information Security Officer & Vulnerability Analyst you will contribute to our purpose of Bringing People Closer here at Brand a part of GN.

This position is a combined role acting both as an Information Security Officer (ISO) and as a Vulnerability Analyst. The role serves as a Subject Matter Expert on information security supports governance and compliance activities (internal audits customer questionnaires vendor risk assessments) and ensuring the identification assessment and remediation of vulnerabilities across the organizations technology landscape.

This role works closely with DDI R&D Operations Procurement and business stakeholders to ensure that security risks are understood prioritized and managed in line with company policies regulatory requirements and customer expectations.

The team you will be part of

You will join our team of 5 collaborative and experienced colleagues where we are all working with the GN Groups Information Security & Data Privacy at a strategic level translating rules and regulations into internal requirements and policies for our organization as a whole and for our global products specifically. We see ourselves as enablers: our job is to make it easier and safer for GN to innovate win customers and operate effectively in a complex digital landscape.

We constantly look for better ways of working more automation clearer processes and simpler ways to explain security to nonsecurity colleagues.

Your contribution is appreciated and you will:

• Act as a Subject Matter Expert (SME) for information security advising stakeholders on security best practices policies and standards.

• Support the design implementation and continuous improvement of the Information Security Management System (ISMS) and related controls (e.g. ISO 27001 SOC 2 or similar frameworks depending on context).

• Plan coordinate and execute internal security and compliance audits including scoping evidence collection documentation of findings and followup on remediation actions.

• Manage or support responses to customer security and privacy questionnaires due diligence requests and RFP/RFI security sections ensuring consistent accurate and auditready answers.

• Support vendor risk management: perform security assessments of third parties and suppliers review security documentation (e.g. SOC reports ISO certificates penetration test reports) and track remediation of identified gaps.

• Participate in risk assessments and security design reviews for new systems products and services ensuring that security requirements are identified and addressed early.

• Collaborate with infrastructure application and cloud teams to define remediation plans and realistic timelines and follow up on progress.

• Monitor security advisories threat intelligence feeds and vendor bulletins to identify relevant vulnerabilities and translate them into actionable tasks for technical teams.

• Support incident response activities related to exploited vulnerabilities (e.g. log collection initial analysis scoping of affected systems and coordination with relevant teams).

To thrive in the role we imagine that you have:

• A higher educational level in Information Security and Cybersecurity or other relevant fields of study or experience.

• An Understanding of legal and regulatory requirements related to cybersecurity and data protection (ISO 27001 NIST CIS NIS2 GDPR) as well as vulnerability reporting.

• Logical and problem-solving skills.

• The ability to communicate complex security concepts to non-technical stakeholders.

• High proficiency in English in speech and in writing.

• Relevant certifications (e.g. CISSP CISM CRISC) are a plus.

On a personal level we expect you to be comfortable contributing in team settings as well as managing tasks on your own collaborating across the organization with stakeholders in a global work environment.

At GN we pride ourselves on encouraging flexible working whenever possible. We trust our people to fulfill their responsibilities to know when in-person collaboration is better than hybrid and to be present when its needed most.

We encourage you to apply

Even if you dont match all the above-mentioned skills we will gladly receive your application if you think you have transferable skills. We highly value a mindset motivation and energy that aligns with our core values to not only ensure success for you but for your team and the wider GN organization as well.

We are dedicated to an inclusive recruitment process
All applicants will receive equal consideration for employment. As such we encourage you to submit your CV without a photo to ensure an equal and fair application process.

Should you have any special requirements for the Interview please let the hiring manager know upon accepting invitation to interview.

How to apply

Use the APPLY link no later than 28th of February 2026. Applications are assessed on a continuous basis so dont wait to send yours.

On a time crunch Feel free to only submit your up-to-date CV including a few sentences outlining your motivation for applying quick and easy.

If you would like to know more about the position please contact Deputy CISO & Risk Officer Jose López Arredondo on LinkedIn.

Join us in bringing people closer
GN brings people closer through our leading intelligent hearing audio video and gaming solutions. Inspired by people and driven by innovation we deliver technology that enhance the senses of hearing and sight. We help people with hearing loss overcome real-life challenges improve communication and collaboration for businesses and provide great experiences for audio and gaming enthusiast.

We hope you will join us on this journey and look forward to receiving your application.

#LI-Hybrid

#LI-GNGroup