Information Security Administrator

Szczecin, Poland

Information Security Administrator
Full Time
Apply for this job

We are Macrobond Financial - our flagship product, the Macrobond application, is a platform that combines an extensive macroeconomic and financial database with tools for analysis and smart data visualization. Right now we are looking for an Information Security Administrator - a person who will help us with formalizing information security management and entering on the track of relevant security certification.

The duties in this role will include:

  • Creation and maintenance of internal information security standards
  • Close cooperation with internal teams including product software developers, system administrators, internal helpdesk and HR
  • Ensuring that the new rules are accepted by the stakeholders and complied with
  • Communication with Macrobond suppliers related to standards compliance
  • Help in the areas of sales and support when security-related questions arise
  • Establishing information security knowledge base
  • Reporting security-related information to clients that have requested it
  • Ensuring that Macrobond operates in compliance with law requirements and contractual obligations towards its clients
  • Coordination of 3rd party security penetration tests, training, audits and – eventually – certifications
  • Coordination of information security risk assessment
  • Preparing and organizing internal information security trainings
  • Supervision of corrective actions.

Our requirements:

  • At least a few years of experience in an information security specialist role, in an environment that complies with ISO27001, SOC2 or similar
  • Familiarity with personal data protection regulations including GDPR
  • Experience in creation and implementation of security related policies, procedures, documentation
  • Fluent written and spoken English
  • Excellent interpersonal and communication skills – both spoken and written
  • Ability to influence stakeholders without having a direct reporting line
  • Attention to detail, drive to investigate and document, patience to remind and follow-up
  • Willingness to learn and to teach
  • Ability to work unsupervised
  • Very good understanding of threats that can target internet-exposed services, teams working on 3 different continents to develop and support our product.

Nice to have:

  • While this person will have high-level – administrative – responsibilities, deeply technical expertise is very welcome. Low-level understanding of computer networking, Linux & Windows environments, software development best practices, administration of servers handling clients’ sensitive data will be an advantage
  • Practical knowledge of UTM, IDS/IPS, SIEM, vulnerability scan of systems
  • Experience in post-incident investigation
  • Experience in a multi-national company
  • Relevant security certifications.

What we offer:

  • Work environment focused on utilizing your skills in the best way – still non-corporate atmosphere
  • Relevant trainings, work with 3rd party consultants who will help you with grow in your role
  • Attractive salary adequate to your skills and experience
  • Private health care, employee benefits
  • Partial remote work also post-COVID
  • And when COVID is gone - integration events.
Apply for this job