This is a unique opportunity to join an international company as a INFORMATION SECURITY COMPLIANCE MANAGER (LOCATED IN GLIWICE, POLAND), reporting to the VP and Information Security Officer. The position could be remote.
As the INFORMATION SECURITY COMPLIANCE MANAGER , you will identify, manage, and report on the company’s security, privacy, regulatory, legislative, and contractual obligations. Responsibilities will include performing reviews, assessments, and audits, conducting research, and facilitating communication to internal and external stakeholders where necessary.
We are looking for an experienced individual with a passion for security and compliance and who isn’t afraid of a challenge. The ideal candidate will have exceptional communication skills, attention to detail and the ability to work independently.
As a foundational member of the IT Security and Compliance team, you will help drive the direction of our security and compliance practice and have an impact from day one. You will ensure compliance with our audit obligations and drive continual improvement in our risk and cyber-security posture.
KEY RESPONSIBILITIES
- Lead the information security compliance programs including data protection, risk management, and compliance testing
- Provide routine direction on remediation activity to meet compliance
- Improve existing compliance programs and processes
- Design and execute audit procedures to assess and measure company compliance with its security policies and procedures
- Manage compliance testing and monitoring of current and future regulatory obligations, and other regulatory matters as required
- Conduct internal security risk assessments and security compliance audits
- Establish IT security audit procedures relevant to GDPR, TISAX, IATF, ISO27001, NIST 800-23, NIST 800-171
- Coordinate third-party audits
- Develop materials and tools to effectively communicate compliance and corporate requirements
- Collect, analyze, and prepare reports required for senior management, regulators, and other relevant stakeholders
- Document, investigate, and report cybersecurity compliance issues and incidents, where necessary
- Work with business leaders to ensure information security risk findings are reviewed and solutions are implemented
Required Skills
- Understanding of security frameworks including ISO 270001 and NIST
- Ability to “think big” and challenge conventional wisdom regarding technology refresh and hype
- Strong leadership and negotiation skills with business and technical groups
- Excellent verbal and written communication skills
- Strong project management and organization skills
- Demonstrated ability to build consensus among many stakeholders
- Comfortable with ambiguity and willing to take principled bets on new technology
- Ability to establish, implement, and enforce appropriate IT standards to meet business requirements
Required Experience