Senior Information Security Analyst
Wrocław
Look4IT
Świadczymy usługi rekrutacyjne i outsourcingowe wbranży IT dostosowane do potrzeb Twojej firmy. Poznaj nasze możliwości.
On behalf of our client, fast-growing SaaS company specializing in data reconciliation, we are currently looking for Senior Information Security Analyst to join the team on full-time basis.
Our Client provides innovative technology that enables financial institutions to normalize, validate and reconcile any type of data in personal cloud, providing firms with on-demand data integrity and insight. Our Client's mission is simple: to make managing data easy.
We are seeking a seasoned Information Security Analyst specializing in Governance, Risk, and Compliance (GRC) to support our client's internal teams and external partners. This role ensures the integrity and trustworthiness of their digital infrastructure while maintaining compliance with all relevant regulations. You will collaborate closely with the Head of Information Security, playing a crucial role in shaping the company's InfoSec landscape.
Role and duties:
Third-Party Due Diligence: Proven experience managing third-party due diligence and risk.
Security Assessments: Experience conducting Information Security assessments.
ISMS Maintenance: Experience in maintaining an established Information Security Management System (ISMS).
Risk and Incident Management: Background in Information Security risk and incident management.
Accreditation Maintenance: Experience maintaining ISO27001, SOC1, and SOC2 accreditations.
Technical Knowledge: In-depth knowledge of cloud computing environments, container-based technologies, and associated security controls and standards.
Tools Proficiency: Familiarity with Google Workspace, JIRA, and Confluence.
Collaborative Skills: Ability to thrive in a fast-paced, collaborative environment and develop innovative solutions.
Management Skills: Proficiency in delivery, stakeholder management, reporting, and risk and issue management.
Our Client provides innovative technology that enables financial institutions to normalize, validate and reconcile any type of data in personal cloud, providing firms with on-demand data integrity and insight. Our Client's mission is simple: to make managing data easy.
We are seeking a seasoned Information Security Analyst specializing in Governance, Risk, and Compliance (GRC) to support our client's internal teams and external partners. This role ensures the integrity and trustworthiness of their digital infrastructure while maintaining compliance with all relevant regulations. You will collaborate closely with the Head of Information Security, playing a crucial role in shaping the company's InfoSec landscape.
Role and duties:
- Policy Framework Development: Lead the creation and upkeep of the Information Security policy framework, ensuring alignment with risk appetite, legal requirements, and industry best practices.
- Third-Party Due Diligence: Oversee third-party due diligence activities.
- Client Security Inquiries: Manage responses to client Information Security inquiries and questionnaires.
- Knowledge Base Management: Curate and maintain an Information Security knowledge base to support Customer Success and Pre-Sales teams.
- Information Security Requests: Act as the initial point of contact for Information Security requests across the business.
- Regulatory Compliance: Lead efforts to comply with regulations, including DORA, Cyber Resiliency, and AI regulations.
- Collaboration with Engineering: Work with engineering teams to build a robust security knowledge base.
- Security Metrics: Develop and maintain security Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
- Security Guidance: Provide expert Information Security advice and guidance.
- Threat Landscape Awareness: Stay informed about existing and emerging threats.
- Security Culture Promotion: Collaborate with colleagues to promote a strong Information Security culture and ensure policy compliance.
- Accreditation Maintenance: Support the upkeep and compliance of ISO27001 and SOC1/2 accreditations.
- Risk Assessments: Assist with Information Security risk assessments across technology and physical locations.
Requirements
Experience: Proven commercial experience in Information Security with similar responsibilities.Third-Party Due Diligence: Proven experience managing third-party due diligence and risk.
Security Assessments: Experience conducting Information Security assessments.
ISMS Maintenance: Experience in maintaining an established Information Security Management System (ISMS).
Risk and Incident Management: Background in Information Security risk and incident management.
Accreditation Maintenance: Experience maintaining ISO27001, SOC1, and SOC2 accreditations.
Technical Knowledge: In-depth knowledge of cloud computing environments, container-based technologies, and associated security controls and standards.
Tools Proficiency: Familiarity with Google Workspace, JIRA, and Confluence.
Collaborative Skills: Ability to thrive in a fast-paced, collaborative environment and develop innovative solutions.
Management Skills: Proficiency in delivery, stakeholder management, reporting, and risk and issue management.
Benefits
- Unlimited Holiday policy.
- International projects around the world.
- Private medical care and insurance package.
- Flexible working hours, possibility working in office or hybride mode.
- Annual bonuses and employee awards.
- Multisport card.
- Trainings and conferences.
- Extra paid leave days when volunteering or participation in charity activities (up to 4 days per year).
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Analyst Jobs
Tags: Cloud Compliance Confluence Governance ISMS ISO 27001 Jira KPIs Risk assessment SaaS Security assessment SOC 1 SOC 2
Perks/benefits: Conferences Flex hours Health care Medical leave Salary bonus Startup environment
Region:
Europe
Country:
Poland
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsSenior Cyber Security Engineer jobsInformation System Security Officer jobsPrincipal Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsCloud Security Architect jobsSenior Penetration Tester jobsChief Information Security Officer jobsStaff Security Engineer jobsSenior Information Security Analyst jobsCyber Security Specialist jobsIT Security Engineer jobsSecurity Specialist jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsCyber Security Architect jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobs
RMF jobsCI/CD jobsEncryption jobsSDLC jobsMalware jobsSQL jobsGDPR jobsForensics jobsIPS jobsSplunk jobsEDR jobsTop Secret jobsIDS jobsDoDD 8570 jobsFinance jobsITIL jobsBash jobsCompTIA jobsOWASP jobsTerraform jobsUNIX jobsCRISC jobsIntrusion detection jobsDocker jobsGIAC jobs
SANS jobsTCP/IP jobsData Analytics jobsThreat detection jobsActive Directory jobsPolygraph jobsBanking jobsCCSP jobsClearance Required jobsOSCP jobsAnsible jobsVPN jobsSOAR jobsIT infrastructure jobsCyber defense jobsSecurity strategy jobsDNS jobsSOC 2 jobsJira jobsSOX jobsGCIH jobsJavaScript jobsOracle jobsCISO jobsArtificial Intelligence jobs