IT Compliance Specialist

Job Description

The IT Compliance team is responsible for the compliance of the organisation's IT systems, networks and infrastructure in accordance with the IT industry best practices and standards. The IT Compliance Specialist will play a key role in identifying IT risks, enhancing IT processes, and recommending actionable improvements to close control gaps or boost efficiency. An important part of our role is to provide leaders and managers of the various departments in the organisation with guidance and knowledge on IT compliance risks and internal controls. Daily tasks are based on strong collaboration with other members of the organisation to develop and implement policies and procedures that will help the company achieve the expected level of maturity of its internal controls programme.

What does this role involve

• You will participate in the development and maintenance of a continuous monitoring and internal IT controls plan, to ensure compliance with regulations (such as PCI DSS, DORA, DSA, NIS2, AI Act, GDPR), recommendations from Security teams (enhancing platform security), IT Governance teams (licensing, ITSM), Internal Audit and external auditors

• Your day-to-day responsibilities will include assessing the wide range of technologies/architectures used by Allegro to understand potential risks to the business and to support the organisation's business objectives

• You will participate in the design, development and improvement of internal standards, good practices, processes and controls in the Technology area

• You will work across Allegro Group organisational structure, involving people from many different departments (primarily in the Technology area)

• You will be involved in advisory and consulting with those responsible for applications and infrastructure to enhance the maturity and reliability of IT controls and processes

• You will perform reviews of Allegro Group IT systems and procedures and assess their compliance with established policies

• You will participate in the handling of internal and external audits and manage the work to implement corrective actions for identified deficiencies

We are looking for people who

• Have 2+ years of experience in IT compliance, IT internal controls, IT auditing, or related roles,

• Possess professional knowledge of IT concepts such as logical access management, change management, DevOps, data management, and cybersecurity

• Are familiar with Agile/Scrum/Kanban methodologies

• Have practical knowledge and experience in maintaining compliance and managing audit programmes. 

• Are inquisitive, meaning that are able to effectively identify and assess the severity and potential impact of risks and communicate findings to area owners in Tech organisation

• Have a mindset, approach and soft skills allowing to build strong relations with internal partners and driving projects in cooperation with related units

• Have the ability to communicate with people at different levels of the organisation, influence and lead other teams through change with good relationships

• Are highly organized, detail-oriented, and analytical problem-solvers

• Are able to use data analysis systems (e.g. Data Studio) and produce clear and functional documentation, in such a way as to initiate the desired direction of change

• Know English on at least B2 level and Polish on at least C1 level

The following would be an advantage

• Certifications such as CIA, PCIP, CISA, CISM or CISSP

• Familiarity with IT frameworks and standards (ISO27001, NIST, PCI DSS, CCM, SAMM, ITIL, COBIT)

• Practical working-knowledge of SQL

What we offer

• A hybrid work model. Well-located offices (with fully equipped kitchens and bicycle parking facilities) and excellent working tools (height-adjustable desks, interactive conference rooms)

• Annual bonus up to 10% of the annual salary gross (depending on your annual assessment and the company's results)

• A wide selection of fringe benefits in a cafeteria plan – you choose what you like (e.g. medical, sports or lunch packages, insurance, purchase vouchers)

• English classes that we pay for related to the specific nature of your job

• Working in a team you can always count on – we have on board top-class specialists and experts in their areas of expertise

• A high degree of autonomy in terms of organising your team’s work; we encourage you to develop continuously and try out new things

• Training budget, and an internal educational platform, MindUp (including training courses on work organization, means of communications, motivation to work and various technologies and subject-matter issues)

• If you want to learn more, check it out

Why is it worth working with us

• You will be involved in the development of one of the most exciting and cutting-edge technology platforms - we are creating an international e-commerce platform for over 100,000 small and medium-sized merchants as well as big brands

• You will have the opportunity to actively participate in automating and streamlining processes related to IT service management, thus having a significant impact on the Allegro working environment

• With us you will find autonomy, product and technology innovations and a great atmosphere

• You will join a group of the best professionals in the industry who implement innovative projects and are willing to share their knowledge

• We prefer light and tailored management methods. We are constantly accompanied by change. We see it as an opportunity and a driving force for our development

• In our work, we combine a love of technology with a direct involvement in building the product

Send in your CV and see why it is #goodtobehere