Security Analyst (GRC)

Náplň práce, právomoci a zodpovednosti:
- Assist in the implementation of information security policies, standards, and programs consistent with defined security strategy.
- Maintain, evaluate and implement policies and procedures in line with business requirements, national and international legislative changes, and applicable security standards (ISO/IEC27001:2022, PCI DSS, SOC2).
- Perform security risk assessments over business areas, their environments, and vendors to determine and remediate security gaps to security, regulatory and contractual requirements.
- Maintenance and further development of existing GRC toolset.
- Obtain and review evidence of compliance and adherence applicable security standard requirements.
- Support internal and external audits for demonstrating Information security compliance.
- Coordinate with other security teams, business areas, and partner departments to provide guidance and support in the understanding and implementation of relevant security controls.
- Support with maintenance of the Information Security Management System (ISMS).
- Assist in establishing and executing security strategy.
- Performs other duties as assigned.

Zamestnanecké výhody, benefity:
- Perspective work in a stable company with adequate financial assessment and opportunities for personal development (soft skills and technical training, language courses).
- Referral financial bonus paid for referring someone to our open job position.
- Rich social program for employees (several social events and team buildings, sport and culture possibilities).
- Free snacks for the whole day (free coffee/tea drinks, vending machines with various delicacies).
- Flexible working time, additional vacation, "bridgedays".
- Work in international and multicultural teams (divisions in 23 countries).
- Possibility of international business trips or staying abroad for certain period of time.

Požiadavky na zamestnanca:
- Professional education in Computer Science, IT or Cyber Security.
- 3+ years of experience in Information Security.
- ISO 27001 Internal Auditor/Implementer (Preferred).
- Experience with SOC2 and PCI DSS (Preferred).
- Ability to communicate fluently in English (B2).
- High degree of initiative, dependability and ability to work with little supervision.
- Efficient MS Office skills.
- Self-motivated person demonstrating good communication skills and ability to work effectively in team environment.
- Ability to work in a multicultural and virtual team environment.