For our client, a provider of a data automation platform that simplifies and streamlines data processes using modern technologies like no-code, cloud, and AI for major global financial institutions and corporations, we are looking for an experienced GRC Information Security Analyst.
Oversee the development and upkeep of the Information Security policy framework, ensuring alignment with risk appetite, regulations, and industry standards.
Lead enterprise risk management initiatives across the organization and manage third-party due diligence.
Handle client Information Security inquiries and questionnaires, while maintaining a comprehensive Information Security knowledge base to support customer success and pre-sales teams.
Serve as the first point of contact for Information Security requests, collaborating on regulatory compliance matters and working with engineering teams to enhance the security knowledge base.
Track and manage security-related KRIs and KPIs, provide guidance on security matters, and stay informed about emerging threats.
Foster a strong Information Security culture within the organization and support compliance with ISO27001 and SOC1/2 standards.
Private medical care packages available for individuals, partners, or families.
Multisport card and life insurance package.
A success-sharing bonus scheme to reward your contributions.
600 PLN annual allowance to support your home office setup.
Unlimited annual leave, trusting employees to manage their own time off.
Flexible working hours and remote work opportunities.
Ability to work abroad for up to 6 weeks per country each year.
Enhanced family leave and personal learning and development budgets.
Referral bonuses for recommending successful hires.
Employee Equity Purchase Scheme and recognition awards, including Employee of the Month/Year.
Four days of paid volunteering time off, with flexibility to choose initiatives.
Six years of experience in Information Security with similar responsibilities, including enterprise risk management, third-party due diligence, and risk assessments.
Proven experience in conducting Information Security assessments and maintaining an established Information Security Management System (ISMS).
Expertise in handling Information Security incidents and maintaining accreditations like ISO27001, SOC1, and SOC2.
Strong knowledge of cloud computing environments, container-based technologies, and relevant security standards.
Familiarity with tools such as Google Workspace, JIRA, and Confluence, and the ability to thrive in a fast-paced, collaborative setting where developing innovative solutions is key.
Skilled in delivery, stakeholder management, reporting, and managing risks and issues.