We’re at a turning point in history. Climate change is changing the world faster than ever before. Utilities will play a crucial role in the transformation of our society to fight climate change and become carbon-neutral, while at the same time making sure people and businesses can continue to use energy supply like they’ve been used to for so many years.
At Gorilla, we’re determined to not stay aside, but to make a real impact on the utility industry by providing data services that allow utilities to play the role they need to play in the quest for a net-zero society. By building something that solves a real problem, and by being the best at what we do.
As our Information and Security Officer, you’ll be a driving force in our scale-up journey. Your multifaceted role is key to strengthening our security and compliance practices, bridging the gap between strategic initiatives and hands-on IT functions.
- Lead the migration to the latest version of ISO 27001, ensuring that our security practices are up to contemporary standards.
- Maintain PII, legal, supplier and client registers, overseeing supplier onboarding and conducting risk assessments.
- Be Gorilla’s client-facing security expert, handling all security and compliance inquiries from sales to production phases.
- Assist in due diligence procedures during fundraising rounds or during (client) audits.
- Keep the continuous improvement process for our ISMS up and running and be the SPOC for the organisation, auditors and external parties.
- Spearhead further compliance programs, such as SOC 2 Type II or B-CORP, defining controls and ensuring adherence to reporting requirements.
- Provide operational IT support from a security perspective, handling access requests, authentication and authorisation in IT systems.
- Assess, select, and maintain security tools and software, building vendor relationships, and negotiating contracts to support our technological growth.
- Assist in IT buying decisions, evaluating the security implications of new software and hardware for compatibility with existing systems.
- Design and implement secure tool configurations and integration workflows maintaining data integrity and supporting operational efficiency.
- Drive the development of security and IT support policies, delivering training and guidance to all staff to foster a culture of security awareness.