Cybersecurity Risk Analyst

GLOBRECS | Global Recruitment Solutions is a Ukrainian-Polish company specializing in fast and precise recruitment. We help our clients hire top talent across Europe and North America.

We are seeking a Cybersecurity Risk Analyst for our client, a large Ukrainian product-based IT company.

RESPONSIBILITIES

• Analyze and assess IT/Information Security risks across systems and processes; provide recommendations on risk mitigation and compensating controls;
• Participate in audits of IT and security systems/processes; collaborate with business owners, product owners, development teams, SRE/DevOps, and others to identify critical information assets and determine how to protect them;
• Conduct comprehensive security assessments of IT systems and services (both internal and partner systems) using globally recognized standards and best practices;
• Act as an InfoSec expert and/or driver in IT/security projects to ensure compliance with corporate security requirements;
• Support and participate in the preparation and execution of security certifications (e.g., ISO 2700X, PCI DSS);
• Document procedures, develop corporate security standards, and contribute to technical documentation.

QUALIFICATIONS

• University degree in IT or Information Security;
• 3+ years of experience in a similar role or as an IT Auditor;
• Knowledge of ISO 2700X, SAST, NIST, PCI DSS, MITRE ATT&CK, and OWASP standards;
• Experience working in enterprise environments with a solid understanding of ITIL, SSDLC;
• Knowledge and hands-on experience with regulatory requirements: GDPR, HIPAA, and the Ukrainian Law on Personal Data Protection;
• Understanding of core methodologies for assessing and managing IT/InfoSec risks, and awareness of common IT attack vectors;
• Basic understanding of cloud platforms and cloud security principles (AWS, Azure);
• Intermediate English for working with technical documentation and preparing reports;
• Fluent Ukrainian.

WOULD BE A PLUS

• Active certifications in Information Security (e.g., ISO 2700X Implementor/Auditor, CISA, CISSP, AWS Security, etc.);
• Experience as an IT Project Manager or Security Project Manager;
• Strong practical experience with AWS (including security, monitoring tools, FinOps, etc.).

WHAT’S IN IT FOR YOU

• Full-time position with flexible hours, long-term cooperation under a private entrepreneur (FOP) or gig contract. You can also work as a Polish JDG;
• Fully remote work;
• Medical and life insurance coverage.

GLOBRECS | Global Recruitment Solutions – your success is our challenge!