Information Security Compliance Lead (offline)

WHAT YOU WILL BE DOING:

- Define requirements and manage the ISMS that includes various areas (such as asset management, risk management, audits, IT processes, IT security, Development process, physical security, HR security, business continuity, vendor security, security in compliance, etc);
- Support the Secure Development Lifecycle Process in Engineering;
- Conduct internal audits within the information security system;
- Support of external / certification audits such as ISO 27001, SOC2, audits by clients;
- Build and maintain risk assessment and incident management processes
- Perform security review of our vendors;
- Оrganise trainings & phishing simulation to improve a security posture across the company;
- Collaborate cross-functionally to build and strengthen information security and privacy across our product and infrastructure;
- Manage penetration testing through a partner (Bugcrowd).

YOUR COMPETENCY PROFILE:

- 3+ years of experience in Information Security;
- Solid experience with information systems audit;
- Risk management experience;
- Incident management experience;
- Project Management skills within a software development lifecycle;
- Vulnerability analysis experience;
- Knowledge of BCP/DRP process;
- Experience in driving programs necessary to achieve compliance with relevant security and privacy regulations (i.e. ISO 27001, SOC 2, GDPR or equivalent certifications);
- English level: Upper-intermediate or higher.

NICE TO HAVE:
- CISA/CISSP certification;
- Experience with SAST (Static Application Security Testing) and/or DAST (dynamic application security testing)

WE OFFER:

- Flat organizational structure;
- OKR-based planning;
- Opportunities for professional development and personal growth;
- Unlimited budget for learning and development activities;
- Social wellness package for medical insurance, sports, and health-related activities;
- Flexible schedule and possibility to work entirely remotely;
- Corporate events, holiday celebrations, team building activities.

About iDeals

Our Culture

Commitment, Excellence, Collaboration, Trust and Care are core values to the iDeals team. For us, these are the principles that every iDealer lives and breathes. We are on the lookout for like-minded individuals who share our values. By doing so, we are able to create a team where talents feel at ease and are able to work to the best of their abilities.

Commitment and Excellence inspire us to set the bar high, achieve the most ambitious goals and push the limits further. Our diversity and different perspectives are the foundation of our success.

Collaboration and Trust ensure that everyone has access to all the information, proactively shares thoughts, and leverages the teammates’ diverse opinions, experiences, and backgrounds. Both values help us to solve the most challenging problems.

Care drives us to create a positive work environment and make everyone feel valued. We also stand for iDealers’ physical, mental, financial, and personal well-being and encourage a healthy lifestyle and active living.

iDealers work in a remote-first model, meaning we collaborate from anywhere – either at home, cafe, co-working space, or in one of our offices. Some roles may have specific location-based requirements, including in-office and client interactions. Despite being located across the globe, we stay connected through the latest tools and technologies, ensuring that everyone on our team feels surrounded by teammates and engaged with our common goals.

iDeals is an equal opportunity employer

iDeals is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people from all walks of life. We don’t discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship.

Company website:
https://ideals.jobs

DOU company page:
https://jobs.dou.ua/companies/ideals-solutions/