Our client: US-based cybersecurity company headquartered in New York City
Location: Remotely from Poland
Salary: 35-50 USD/h + VAT
Working time: 15:00 — 23:00
Cooperation model: B2B
Start date: ASAP
Recruitment process: 2-3 interviews (screening and two technical calls)
Our Client is a US-based cybersecurity company headquartered in New York City whose mission is to support its clients in mitigating cyber threats. They are focused on three main areas: Cyber Breach Response, Cloud Security Services, and Proactive Cyber Services. Their military-grade professionals have decades of experience in cyber operations and apply their knowledge of the attacker perspective to facilitate efficient, effective, and scalable responses to cyber breaches. Their growing team combines operational and technological disciplines with instinctual methods to keep their clients’ information safe.
-> Manage existing and implement new information security standards and compliance programs across the organization, such as SOC 2, HIPAA, EU-GDPR, DFS and NIST 800-171;
-> Handle service requests such as SOC 2 report distribution, BAAs, completing security questionnaires, and incoming queries regarding information security / compliance;
-> Design, review and update information security policies and procedures;
-> Perform information security risk assessment and risk management;
-> Evaluate the implemented controls to identify any gaps and improve the effectiveness score;
-> Conduct third-party vendor risk assessments and apprise stakeholders of the risks / findings;
-> Assist with information security assessments of new or merged teams to identify gaps, ensure timely remediation and bring them under the company’s existing information security / compliance governance;
-> Work within the team to identify, track and remove impediments to improve the internal auditing process and support the automation of manual and redundant audit activities;
-> Perform internal audits and participate in external audits, coordinating with the auditor and the internal team for timely collection of evidence.
-> 3+ years of experience in a similar position, supporting GRC security initiatives with a global scope and interaction requirements;
-> Deep knowledge of frameworks such as ISO27001/27002, SSAE16, GDPR, NIST 800-171, NIST 800-53;
-> Superior analytical and critical thinking skills, organizational skills, and meticulous attention to detail;
-> Experience in implementing, managing and supporting an Information Security Management System;
-> Experience in Information Security Audit;
-> Demonstrated ability to work independently and as part of a team;
-> Excellent English skills (C1).
-> Experience in the software or technology service industry;
-> Experience in enterprise risk management;
-> Security certification such as CISSP, CISM, CIPP, or CISA.
+ A possibility to join a team of security consultants investigating computer crimes and breaches that make the headlines – and many more that don’t;
+ Great opportunity for personal development in a stable and friendly multinational company;
+ Competitive salary;
+ Remote work together with participation in global projects;
+ A possibility of growing your craft alongside like-minded professionals.