(fluent English) IT Compliance and Audit Specialist

Have you always dreamed of building a career in information security? Do you have an analytical mindset and a keen eye for detail?

We are looking for an IT Compliance & Audit Specialist who is eager to expand their knowledge in information technology and cybersecurity, as well as gain experience working in an international IT company.

You will work on a wide range of tasks related to information security to support the company's operations together with our Security Department.

Sounds interesting? There's more to come 💛

What you will do:

• Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
• Monitor compliance of IT infrastructure with security standards;
• Collaborate with auditors and certification bodies;
• Monitor changes in legislation and security standards;
• Create documentation on policies and processes;
• Handle security requests from clients (external and internal);
• Develop and conduct internal audits;
• Assess risks and monitor compliance with security requirements;
• Prepare and conduct training on information security and compliance requirements.

What you need to succeed in this role:

• 3+ years of proven experience in information security, audit or compliance sphere(s);
• Degree in information technology, cybersecurity, law or risk management;
• Certifications (one or more) are desirable:
  - ISO 27001 Lead Implementer / Lead Auditor;
  - CISM (Certified Information Security Manager);
  - CISA (Certified Information Systems Auditor);
  - CISSP (Certified Information Systems Security Professional);
  - CIPP/E or CIPM (for GDPR);
  - PCIP, ISA or QSA (for PCI DSS).
• Experience in external audits and certification preparation;
• Knowledge of risk management principles;
• Skills in conducting GAP analysis and internal audits;
• Outstanding analytical skills and attention to detail; 
• Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients).

Would be a plus:

• Experience working in the financial and/or tech industry that handles sensitive data;
• Experience in automating compliance processes (GRC platforms, ISMS systems);
• Knowledge of DevSecOps approaches for integrating security into the development lifecycle.

Benefits and Perks:

• Business hours;
• Opportunity to work fully remotely;
• Creative and unique art offices;
• Inclusive international environment;
• Compensation in USD;
• Good bonuses for referring friends;
• Paid intensive training and probation;
• Mind-blowing corporate events and social activities;
• Work-life balance;
• Responsive management interested in your growth and long-lasting cooperation;
• Greenhouse conditions for self-development.