Job Opportunities in Poland


October 8, 2024

Spyrosoft

Wrocław


Information Security Officer (Compliance Assurance)

Requirements
  • Professional experience with ISO27001
  • 3+ years of experience in Information Security-related roles
  • Familiarity with GDPR, NIS2, CRA
  • Familiarity with TISAX
  • Fluent English
Project Description
The Information Security Officer (Compliance Assurance) is responsible for maintaining and enhancing the organization’s information security compliance framework. This role would be part of the independent Quality and Compliance department, reporting directly to the Head of Quality and Compliance. The assignment includes ensuring adherence to ISO/IEC 27001, TISAX standards, GDPR, NIS2, and other applicable regulations and standards. In addition to internal compliance, the role involves client-facing activities, providing consultancy on compliance and security matters, and conducting client-specific environment assessments to strengthen the security posture of client networks and systems. This person will work cross-functionally across departments and with clients to develop, implement, and monitor policies and procedures that uphold the organization’s security posture and compliance status.
Main responsibilities
  • Conduct internal ISO/IEC 27001 audits, prepare for external audits, and maintain ISO/IEC 27001 certification.
  • Support the maintenance of the Spyrosoft Integrated Management System to ensure compliance with implemented standards and regulations.
  • Identify, analyze, and document compliance gaps, proposing and overseeing remediation efforts.
  • Draft, review, and update security policies, standards, and procedures to reflect changes in regulatory requirements and best practices.
  • Participate in process reviews and improvement initiatives.
  • Prepare and present detailed reports on compliance status, audit findings, and mitigation progress for both internal and client environments.
  • Provide consultancy to clients on compliance with security standards and regulations.
  • Conduct security assessments within the client’s environment to evaluate compliance and security controls, providing actionable recommendations for improvement.
  • Serve as a trusted advisor to clients, responding to queries and supporting their compliance journey.
Position requirements
Technical Skills
  • 3+ years of experience in information security, compliance, or risk management roles, preferably in the IT industry.
  • In-depth knowledge of ISO/IEC 27001 and information security-related regulations (GDPR, NIS2, CRA)
  • Proven experience in conducting ISO/IEC 27001 audits (full scope) and maintaining an ISMS (controls assessment, nonconformity and corrective actions management, improvement actions facilitation)
  • Strong knowledge of GDPR requirements and best practices for data protection.
  • Familiarity with the NIS2 Directive
  • Familiarity with and understanding of security tools such as firewalls, WAF, EDR, SIEM, IDS/IPS, DLP, and vulnerability scanners
  • Familiarity with and experience of TISAX would be an advantage
  • Familiarity with and experience in working with other ISO-based management systems would be an advantage
  • Fluent English
Soft Skills
  • Strong analytical skills, with a keen eye for detail and a proactive approach to problem-solving.
  • Excellent communication skills, with the ability to clearly explain complex compliance requirements to technical and non-technical stakeholders.
  • Can-do attitude and willingness to learn
  • Ability to work independently and manage multi-contextual assignments
  • Strong ethical standards and commitment to maintaining the confidentiality and integrity of sensitive information.
Nice to have:
  • ISO/IEC 27001 Lead auditor certification
  • CISA certification

BENEFITS
More reasons to work with us
Work from home or the office
Depending on the position, you can work remotely, from the office or in a hybrid model.

Top-of-the-line equipment
We provide the equipment that best suits your needs and the requirements of your role.

Training budget
Use your personal training budget to gain new skills and knowledge.

Internal initiatives
Take part in our knowledge-sharing meetups organised by and for tech enthusiasts.

Private health insurance
Keep your health in check with easy access to medical professionals.
