GRC Analyst @ Swing Development
Warsaw, Masovian Voivodeship, Poland
Swing Development
31. 10. 2024
About the position

We are a Polish branch of a fast-growing InsurTech product company from Silicon Valley - Hippo Insurance. Our mission is to revolutionize home insurance in the US, from IoT monitoring devices to our industry-leading software.
How do we want to get there? We need top-notch talent, just like you!
Putting a lot of effort into hiring top-tier professionals is proof that we care a lot about tech experience, attitude, a human approach, and what we could call "culture fit".


"SwingDev is all about people" - yes, it may sound a bit cliche. But whether we're writing code or just hanging out, we know that people are at the heart of everything we do. We like to have a good time and keep things light, even when we're tackling big projects. We could brag about what makes us special, but we've boiled it down to two key ingredients: mature, companionable people who, rather than compete, prefer to inspire and have each other's backs; a culture of trust, empathy, and positivity that keeps us together, lets us interact as teammates and friends, and truly enjoy the ride.


About the role:

We are seeking an experienced GRC Analyst to ensure our organization complies with federal and state regulations, as well as industry best practices. You'll train staff on regulatory requirements, support investigations into compliance issues, and recommend improvements to internal procedures to enhance overall compliance.
So if you're a GRC Analyst looking to shake things up and have a good time while you're at it, you've come to the right place.

Recruitment process:

  • Send us your CV – it's the best way for us to get to know you.
  • Meet Ola, one of our Recruiters.
  • We're finalizing the interview process, but here's a hint: there will be a maximum of 2 stages, allowing you to get to know your manager and team better.
  • Meet Marcin and Alicja at the final stage.
  • and... welcome aboard!

Basics 
Form of employment of your choosing
Remote work & flexible working hours 
Paid sick leave
Paid holidays

Health & Safety
Private medical care with dentists & orthodontists package for you and your family 
Group life insurance
Psychotherapists support — free online sessions with psychologists and psychotherapists.
Home physiotherapy
Multisport card & meditation apps reimbursed 50%

Working conditions & Development
Gear with Apple Logo and monitor
50% reimbursement for courses, conferences, books & certificates
Free access to private language lessons
6 Personal Development Days & 4 Voluntary Days Off 

Extras you may like
Cafeteria platform — an extra "stówka" every month to spend on whatever you want
Nanny services for parents 
Concierge services – a personal assistant to help you deal with your everyday matters
Chill room with table football & PlayStation 4
Free snacks and ice cream in the office (every day, all year round!)
Free Friday Lunch in the office
Team building events — we party together several times a year during the annual Offsite & Christmas Parties, beer after work, or our #WinterEscapeMonth workation in Cyprus


We might be a match if you…

      • Have a minimum of 2-3 years of experience in a GRC role in a 100% cloud environment.
      • Have strong knowledge of regulatory requirements and industry standard frameworks - SOX or SOC 2.
      • Have experience in auditing and applying control processes to networks and applications.
      • Have experience developing corporate security policies, standards, and procedures.
      • Have experience with security and risk management.
      • Understand cloud environments (GCP, AWS, Azure).
      • Have a great command of English (written & spoken).
      • Are available in the afternoons - due to collaboration with the United States, evening meetings may occur. Rest assured, we prioritize work-life fit, respect everyone's private lives, and don't work at night, but we still must ensure that communication between the time zones is effective.


You will get extra points for:

  • Knowing industry standard frameworks such as ISO 27001, NYCRR 500, NIST, GDPR.
  • Having certifications such as CRISC, CISA, CISM, CCSK, CompTIA Security+, or CGRC (highly desirable but not required).

  • You'll monitor and ensure compliance: Oversee adherence to regulations and certifications such as Sarbanes-Oxley (SOX), SOC2, ISO27001, CCPA, NIST, and NYCRR 500. Develop, maintain, and ensure compliance with corporate policies, standards, and procedures in alignment with applicable security frameworks. Stay updated with changes in relevant laws and regulations. Participate in risk remediation efforts across business units.
  • You'll prepare and support audits: Assist in internal and external audits by gathering and organizing evidence to demonstrate compliance. Document process flow diagrams, user stories, and business analyses.
  • You'll conduct risk assessments: Identify and analyze potential risks to the organization, evaluate their likelihood and impact, and manage third-party risks.
  • You'll collaborate: Act as an intermediary between business owners, system vendors, and the GRC/Cybersecurity team. Work with different teams to develop and enhance compliance procedures. Provide training and guidance on compliance and risk management best practices.
  • You'll develop and implement controls and programs: Create policies and procedures to mitigate identified risks. Ensure these controls are effectively implemented and maintained. Review new technology implementations for security compliance. Create and manage education and awareness programs.
  • You'll create reports and presentations: Communicate findings and recommendations to stakeholders. Prepare detailed reports on risk assessments, compliance status, and audit results. Define security metrics, reporting mechanisms, and create maturity models and a roadmap for continual program improvements.

Requirements: GRC, risk management, GCP, AWS, Azure, ISO, NIST, GDPR, CISA, CISM, CCSK

Tools: Jira, GitHub, Notion, Sonar, GIT, CircleCI, Agile, Scrum.

Additionally: Sport subscription, Training budget, Private healthcare, Flat structure, Small teams, International projects, Concierge service, In-house trainings, No dress code, Free coffee, Free snacks, Playroom, Bike parking, Shower, Modern office, In-house hack days, Free beverages, Unlimited ice-cream, Startup atmosphere.
