Information Security Controller, Poland

Information Security Controller, Poland
Full Time
Apply for this job

We are Macrobond Financial - our flagship product, the Macrobond application, is a platform that combines an extensive macroeconomic and financial database with tools for analysis and smart data visualization. We are now looking for an Information Security Coordinator: a person who will help us formalize information security management and get on track of relevant security certification.


The main responsibilities will include:


  • Maintenance of internal information security standards, creation of formal security policies
  • Ensuring compliance with information security rules by all stakeholders
  • Communication with Macrobond business partners related to compliance with standards
  • Establishing an information security knowledge base in the organization
  • Helping other departments, like sales and support, when clients raise security-related questions
  • Ensuring that Macrobond operates in accordance with legal requirements and our contractual obligations
  • Close cooperation with internal teams on information security standards and data protection
  • Coordination of security tests, audits, and certifications, organizing information security trainings
  • Coordination of information security risk assessment
  • Supervising corrective actions
  • In not so distant future - building an information security team to manage.


Our requirements:


  • A couple years of experience in a similar role, in an environment compliant with ISO27001, SOC2 or similar
  • Familiarity with personal data protection regulations, including GDPR
  • Experience in creation and implementation of security related policies, procedures, documentation
  • Fluent written and spoken English
  • Excellent interpersonal and communication skills – both spoken and written
  • An ability to influence stakeholders without having a direct reporting line and to manage your own work
  • Attention to detail, a drive to investigate and document, patience to remind and follow-up
  • Willingness to learn and to teach
  • Very good understanding of threats that can target internet-exposed services
  • Nice to have: some technical expertise that can include understanding of computer networking, software development or servers administration etc.
  • Experience in a multinational company, in post-incident investigation, and/or security certifications will be an asset but are not essential.


What we offer:


  • Work environment focused on using your skills in the best way – still in a non-corporate atmosphere
  • Relevant training, work with 3rd party consultants who will help you with grow in your role
  • An attractive salary adequate to your skills and experience
  • Private health care, employee benefits
  • Partial remote work also post-COVID
  • Integration events - online or offline.

Apply for this job