Information Security and Compliance Officer L646XX4W
Bucharest, Bucharest, Romania
AMS Accelerate IT
Remote
Job Requirements:
- IT security and information security standards knowledge & awareness (ISO 27001)
- Knowledge in quality management systems (ISO 9001)
- Ability to implement policies and procedures by collaborating with global departments, including legal, security, IT, and GDPR teams
- At least 3 years' experience in IT security, preferably in a compliance-focused role
- Expertise in conducting risk assessments and audits
- English (level: excellent, written and spoken)
- Excellent communication skills for liaising with various stakeholders, including IT staff, management, external auditors, and Group global teams
- Ability to comply with deadlines/targets
- Organized person
Main Responsibilities:
- Ensures our platform's compliance with:
  - Legal requirements (considering platform availability in multiple markets)
  - Personal data protection regulations
  - Information security standards and regulations
  - Software development standards
  - Market research standards and best practices
  - Contractual agreements between and its clients
  - policies and procedures
- Collaborates with global departments (legal, security, IT, GDPR teams) to implement the above requirements in the company and the Digital platform
- Implements and maintains a management system consisting of specific policies, procedures, and work instructions that ensure the framework of overall Digital compliance with requirements
- Manages the certification process against ISO standards
- Answers client requests / questionnaires related to compliance, information security, and personal data requirements
Detailed Responsibilities & Tasks:
- Collaborates with the legal and GDPR departments for the elaboration & review of Digital platform Terms & Conditions, Privacy Policy, Cookie policy
- Takes part in meetings related to platform information security, GDPR, or overall compliance
- Answers clients' security / GDPR questions / questionnaires (with the support of other available technical staff)
- Manages the overall information security system: risk assessment, risk management, design & implementation of controls of production flow
- Supervises the IT security measures implemented on all systems related to Digital (application architecture, hosting, infrastructure, access rights, software used, etc.)
- Performs periodic checks / audits on email alerts / notifications, user logs, etc.
- Takes part in the implementation of security / GDPR controls in the platform
- Takes part in internal and external audits on information security, GDPR, and other compliance requirements, and manages the implementation of the action plan resulting from the audits
- Performs planned or ad-hoc internal audits for identifying non-conformities, weaknesses, threats and ensures that adequate actions are implemented to mitigate the identified issues / risks
- Prepares presentation materials related to platform compliance to different regulations and standards
- Designs and implements the business continuity strategy & plan
- Takes part in vendor onboarding and assessment on aspects related to information security and GDPR
- Creates, reviews & updates together with DPO the GDPR documentation: data protection impact assessment, personal data flow diagram, the registry of processing activities
- Creates, reviews & updates policies and procedures that are related to compliance area (IT security, GDPR etc.)
- Manages reactions, mitigation plans and corrective actions in case of security breaches or security incidents. Supports the DPO in this regard if the incidents / breaches are related to personal data
- Keeps regular contact with Group decision makers & specialists to ensure permanent adequacy of Digital to Group policies and strategies in the specific competence areas (IT security, GDPR, legal, etc.)
- Keeps the access rights matrix updated for all applications used and roles
About Our Company:
We specialize in digital research products worldwide. Our team encompasses a wide array of talents, ranging from IT developers, web designers, project managers, market research experts, data scientists and more.
We have a keen interest in market research and have a passion for doing new things in our industry.
We constantly explore new ways to apply technologies in the market research field.