Poznań, Poznań, Greater Poland Voivodeship, Polska
VML Enterprise Solutions Sp. z o.o.
23. 9. 2024
Informacje o stanowisku
technologies-optional :
CIPP
CIPM
ISMS IA
CompTIA+
about-project :
We are seeking a diligent and detail-oriented Information Security & Privacy Specialist to join our team. The role will be responsible for identifying, assessing, and mitigating risks related to information security and privacy, and will focus on protecting data, ensuring compliance with relevant regulations, and implementing security measures to prevent security incidents. The ideal candidate will have ability and proficiency in information security and privacy principles and a willingness to learn and grow in the field.
responsibilities :
Understand processes and procedures used within the organisation’s information security and privacy framework to safeguard the organisations infrastructure, applications, and data
Support company in maintaining the SOC2 certificate and other departments in following the standard
Perform annual reviews of local processes and ensure compliance with SOC2 and group standards
Propose changes to information security and privacy policies and procedures to ensure continuous improvement
Respond to queries from the business and stakeholders on privacy and information security related matters
Respond appropriately to security incidents, under the guidance of senior team members
Provide support during security incident response activities, including investigations, analysis, and resolution of security incidents
Conduct internal audits/assess potential risk to ensure compliance with information security and privacy processes and standards, identifying gaps and recommending improvements
Manage relationships with local vendors, ensuring they comply with the Companys privacy and information security standards
Ensure compliance with local privacy and group requirements. Use Privacy Management tools to manage privacy processes
Provide Privacy and Information Security training and awareness programs for employees
Collaborate with cross-functional teams to support security initiatives and projects being undertaken
Stay up-to-date on the latest information security and privacy trends, and technologies to continuously improve the organisations security posture
Offer guidance to less experienced members of the team
requirements-expected :
Proven experience working in information security and privacy roles, with at least 3 years of experience or any related role e.g. in IT that has experience in working with regulations and standards.
Understanding of principles and associated technologies that are used for information security and privacy, including network, physical, cloud, application security, anonymisation and pseudonimisation
Understanding of data privacy principles and terminology used to manage data privacy within the organisation.
Knowledge of relevant local privacy legislation and regulatory bodies (e.g. , GDPR,UODO)
Understanding of requirements for reporting privacy incidents and breaches to senior team members
Good understanding of business processes and objectives
Strong problem-solving skills and attention to detail
Effective communication and interpersonal skills, with the ability to work effectively in a team environment and communicate technical information to non-technical stakeholders
Eagerness to learn and explore new technologies and tools relevant to information security and privacy
Continuously seeking opportunities to pursue further education and training in information security and privacy
Certifications such as Internal Auditor ISO27001 or Lead Auditor ISO27001 and postgraduate studies related to cybersecurity or privacy are welcome
Relevant certifications such as CompTIA+, ISMS IA, CIPP, CIPM or equivalent are a plus, but not required
ITIL certifications/exposure beneficial
Interest in a career as an information security and privacy specialist or similar role
Effective communication skills, both written and verbal
Active listening skills
Ability to articulate messages to a variety of audiences
Good stakeholder management skills
Ability to work towards a common vision or goal
Flexibility and adaptability; ability to work in ambiguous situations
Resilience with a propensity to persevere
Forward-looking with a comprehensive approach
Organisational skills with a natural inclination for planning strategy and tactics
Problem-solving skills
Ability to work effectively at all levels in an organization
Team player approach and ability to work collaboratively with and through others
offered :
Salary depending on presented skills: 9 000 – 14 000 PLN gross (Contract of Employment)
Hybrid work style and flexible working hours
Additional paid days off as an anniversary reward
Annual bonus dependent on company profit
Luxmed VIP package
Cafeteria system (MyBenefit)
Lunch compensation (Pyszne Pay)
Budget for training and development (conferences, certifications, workshops and other)
English lessons during work hours
Co-financing your holidays, kindergarten, Multisport Plus, and others
Group insurance and travel insurance
Office and online integration events and team building activities
Internal knowledge sharing and team initiatives
A designated mentor supporting you through your whole career at VML