Information Security Compliance Lead

Kyiv or remote from Ukraine
Security

International product B2B SaaS company — iDeals is hiring for an Information Security Compliance Lead.

The complexity of our challenges is growing rapidly as the company is experiencing rapid growth, so we're looking for a specialist who will manage and oversee the company-wide information security strategy; design, maintain and operate the information security management system (ISMS); and lead the effort for security certification (SOC2, ISO27001).

WHAT YOU WILL BE DOING:

  • Define requirements and manage the ISMS, which includes various areas (such as asset management, risk management, audits, IT processes, IT security, development process, physical security, HR security, business continuity, vendor security, security in compliance, etc.)
  • Support the Secure Development Lifecycle Process in Engineering
  • Conduct internal audits within the information security system
  • Support external/certification audits such as ISO 27001, SOC2, audits by clients
  • Build and maintain risk assessment and incident management processes
  • Perform security review of our vendors
  • Organise trainings & phishing simulations to improve the security posture across the company;
  • Collaborate cross-functionally to build and strengthen information security and privacy across our product and infrastructure;
  • Manage penetration testing through a partner (Bugcrowd).

YOUR COMPETENCY PROFILE:

  • 3+ years of experience in Information Security;
  • Solid experience with information systems audit;
  • Risk management experience;
  • Incident management experience;
  • Project Management skills within a software development lifecycle;
  • Vulnerability analysis experience;
  • Knowledge of BCP/DRP process;
  • Experience in driving programs necessary to achieve compliance with relevant security and privacy regulations (i.e. ISO 27001, SOC 2, GDPR or equivalent certifications);
  • English level: Upper-intermediate or higher.

NICE TO HAVE:

  • CISA/CISSP certification;
  • Experience with SAST (Static Application Security Testing) and/or DAST (Dynamic Application Security Testing)

WE OFFER:

  • Flat organizational structure;
  • OKR-based planning;
  • Opportunities for professional development and personal growth;
  • Unlimited budget for learning and development activities;
  • Social wellness package for medical insurance, sports, and health-related activities;
  • Flexible schedule and possibility to work entirely remotely;
  • Corporate events, holiday celebrations, team building activities.
Since 2008, iDeals has won the trust of half a million business users. We have supported thousands of customers to run high-value and mission-critical projects, from the cross-border of multi-billion-dollar assets to the development of revolutionary biotech products. Commitment to excellence has made iDeals the choice of big names, as well as ambitious startups. The growth goes on: the team is getting stronger; our client base and revenues are increasing year on year.

With us, you will grow professionally by doing work you can be proud of, receive top-market compensation, and collaborate with a motivated and diverse team.

iDeals is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people from all walks of life. We don’t discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship.