Information Security Risk & Compliance Analyst
Sofia/Plovdiv
Reward Gateway
Boost engagement by simplifying and uniting employee recognition, rewards, communications and more in one easy-to-use employee engagement platform.
Information Security Risk & Compliance Analyst
At Reward Gateway, we already understand that Compliance and Security are paramount to our success, reflected in the culture. Our Leadership Team is fully committed to Compliance and Information Security and you won’t have to spend time convincing stakeholders to care - you’ll be empowered to improve the company.
We have a longstanding ISO 27001 programme and are on the final stretch toward SOC2 Type II compliance. We are also working toward attaining Cyber Essentials Plus compliance, with ISO 9001 planned as well. These standards structure everything we do and enable our business to grow by providing a high level of assurance to our customers.
At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.
We hire BETTER.
From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.
Application Deadline: 30 September 2024
Department: Security
Employment Type: Full Time
Location: Sofia/Plovdiv
Reporting To: Governance, Risk & Compliance Manager
Compensation: лв.50,000 - лв.55,000 / year
Description
An opportunity has become available for an InfoSec Risk & Compliance professional to support our Governance, Risk & Compliance, and Information Security operations and be part of a growing business.At Reward Gateway, we already understand that Compliance and Security are paramount to our success, reflected in the culture. Our Leadership Team is fully committed to Compliance and Information Security and you won’t have to spend time convincing stakeholders to care - you’ll be empowered to improve the company.
We have a longstanding ISO 27001 programme and are on the final stretch toward SOC2 Type II compliance. We are also working toward attaining Cyber Essentials Plus compliance, with ISO 9001 planned as well. These standards structure everything we do and enable our business to grow by providing a high level of assurance to our customers.
What you'll be doing:
- Support our control framework covering ISO 27001, SOC2 Type II, PCI DSS, Cyber Essentials Plus and (in the future) ISO 9001
- Ensure ISO readiness/compliance by conducting/supporting periodic internal audits and participate in hosting ISO registrar audits
- Assist with analysis, documentation and remediation actions for detected audit observations
- Verify implementation and effectiveness of the corrective/preventative actions
- Support the GRC Manager and process owners in developing, documenting, reviewing, and communicating company processes and procedures to incorporate best practices in Quality Management and Information Security Management
- Maintain the compliance automation platform for achieving streamlined compliance activities
- Support the Director of Information Security and Risk Owners with the risk management process
Skills, experience and knowledge you will have:
- At least 1+ year experience working in Information Security Compliance/Internal Audit
- Experience with a compliance framework (ISO27001, SOC 2 Type II, PCI DSS) would be advantageous but not essential (You’re not expected to have expertise in all these frameworks)
- Understanding of information security concepts and technology
- Previous exposure to cloud technologies and cloud security
- Experience in Document Management (incl. Good Documentation Practices) and procedure review
- Excellent English communication skills
- Comfortable with working across multiple projects, geographical locations, and assignments at once
- Have a risk-based approach to problem solving
The interview process:
- A 30 minute video interview with the Senior Talent Partner
- First stage online interview with the Governance Risk & Compliance Manager
- Final stage video interview with the Director of Information Security and the Governance Risk & Compliance Manager
At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.
We hire BETTER.
From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Audits Automation Cloud Compliance Governance ISO 27001 PCI DSS Risk management SOC SOC 2
Perks/benefits: Career development
Region:
Europe
Country:
Bulgaria
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsTerraform jobsFinance jobsDoDD 8570 jobsBash jobsITIL jobsOWASP jobsUNIX jobsCRISC jobsGIAC jobsDocker jobsIntrusion detection jobsCompTIA jobs
TCP/IP jobsThreat detection jobsBanking jobsActive Directory jobsData Analytics jobsSANS jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsAnsible jobsSOC 2 jobsIT infrastructure jobsJavaScript jobsSOAR jobsDNS jobsSOX jobsJira jobsGCIH jobsSecurity strategy jobsNIST 800-53 jobsOracle jobsCryptography jobs