We are Macrobond Financial - our flagship product, the Macrobond application, is a platform that combines an extensive macroeconomic and financial database with tools for analysis and smart data visualization. Right now we are looking for an Information Security Administrator - a person who will help us with formalizing information security management and entering on the track of relevant security certification.
The duties in this role will include:
- Creation and maintenance of internal information security standards
- Close cooperation with internal teams including product software developers, system administrators, internal helpdesk and HR
- Ensuring that the new rules are accepted by the stakeholders and complied with
- Communication with Macrobond suppliers related to standards compliance
- Help in the areas of sales and support when security-related questions arise
- Establishing information security knowledge base
- Reporting security-related information to clients that have requested it
- Ensuring that Macrobond operates in compliance with law requirements and contractual obligations towards its clients
- Coordination of 3rd party security penetration tests, training, audits and – eventually – certifications
- Coordination of information security risk assessment
- Preparing and organizing internal information security trainings
- Supervision of corrective actions.
- At least a few years of experience in an information security specialist role, in an environment that complies with ISO27001, SOC2 or similar
- Familiarity with personal data protection regulations including GDPR
- Experience in creation and implementation of security related policies, procedures, documentation
- Fluent written and spoken English
- Excellent interpersonal and communication skills – both spoken and written
- Ability to influence stakeholders without having a direct reporting line
- Attention to detail, drive to investigate and document, patience to remind and follow-up
- Willingness to learn and to teach
- Ability to work unsupervised
- Very good understanding of threats that can target internet-exposed services, teams working on 3 different continents to develop and support our product.
Nice to have:
- While this person will have high-level – administrative – responsibilities, deeply technical expertise is very welcome. Low-level understanding of computer networking, Linux & Windows environments, software development best practices, administration of servers handling clients’ sensitive data will be an advantage
- Practical knowledge of UTM, IDS/IPS, SIEM, vulnerability scan of systems
- Experience in post-incident investigation
- Experience in a multi-national company
- Relevant security certifications.
What we offer:
- Work environment focused on utilizing your skills in the best way – still non-corporate atmosphere
- Relevant trainings, work with 3rd party consultants who will help you with grow in your role
- Attractive salary adequate to your skills and experience
- Private health care, employee benefits
- Partial remote work also post-COVID
- And when COVID is gone - integration events.