Continuous risk assessment of the current information security framework, challenging the effectiveness of controls embedded in the business units to ensure compliance both with internal security policies, applicable legislation, regulations (e.g. GDPR) and industry standards (e.g. ISO27001/2, 27017, 27018 & CIS)
Developing identity and access management procedures, review of the implementation of controls, conducting periodic user access reviews
Perform security reviews of third parties who provide solutions and / or process data for the organisation.
Developing, implementing and maintaining a comprehensive plan to secure our computing network
Developing and implementing information security policies and standards
Implement effective and appropriate controls and measures to protect systems and data
Maintain and ensure continuous compliance with ISO27001, ISO 27017 and ISO27018, GDPR and other applicable regulations
Coordinate independent audit activities, including internal audits, external audits and penetration testing and facilitating responses to audit evidence requests and subsequent audit actions
Monitoring network usage to ensure compliance with security policies.
Keeping up to date with developments in IT security standards and threats.
Taking the lead in identifying, assessment and correctly handling and follow up of security events, incidents and vulnerabilities
Driving and ensuring security awareness,Development and maintenance of information security training
Collaborating with management and the IT department to improve security.
Being the point of contact for the information security
Documenting any security breaches and assessing their damage.
Educating colleagues about security software and best practices for information security.
You should have
Advanced university degree in field of IT risk management, computer sciences, information management or related disciplines.
CISSP, CSSP, CISM, Cybersecurity or similar certifications.
ISO 27001 Lead Implementer or Lead Auditor certification.
Experience in a similar role, more than one reference or a freelancer experience is a plus.
Analytical thinking and strong problem solving skills.
Benefits
The opportunity to quickly advance in your career.
Great remuneration package.
Be part of a remote-first (not hybrid) company. It means we will not require you to come to any kind of office at any time. You can keep living in a remote village as far as there is internet. We meet up time to time, but these are all occasional offsite meetings.
International vibe: we have 90+ colleagues from 10 different nationalities.
You will have a strong team around you to support you in reaching your goals