Senior/Lead Security Compliance Specialist

We are seeking a proactive and detail-oriented Senior/Lead Security Compliance Specialist to join our team. The successful candidate will join a team that designs, maintains and operates Information Security Management System (ISMS) in the company. Information Security Management System defines requirements and includes several areas including: Asset management, Risk and Incident management, Human resource security, Physical security, Logical security (IT Security), Data privacy, Security on project level, Secure SDLC, Access control (physical and logical), Security for suppliers, Business Continuity, Audits and assessments.

#LI-DNI#EasyApply

Responsibilities

• Facilitate company teams, projects and locations for external security audits independently
• Manage and/or assist with company and customer security compliance requirements implementation
• Create and maintain security policies and processes with and without support from subject-matters experts
• Support production projects and sales teams with customers' questions and audits in information security area
• Perform Security internal audits independently
• Conduct internal trainings in security compliance area
• Improve ISMS

Requirements

• Significant knowledge and experience in any of the following framework/standard: ISO 27001, ISO 27701, ISO 20000, ISO 22301, COBIT, SOX, SOC1 (ISAE 3402), SOC2, PCI DSS, TISAX, other
• Experience with implementation or support of Information Security Management System (ISMS) or experience with some ISMS processes
• Experience in creation and maintenance of security policies and processes with and without support from subject-matters experts
• Readiness to manage the implementation of security compliance requirements in company offices and projects based on existing company rules and approaches
• Background in one of the following areas: Security compliance, Information security, IT processes, IT/Security audits, Hardware, Software, Network, IT Administration, User support, Software development processes
• Willingness to work in compliance area playing with big number of policies, evidences and reports
• Good communication skills (readiness to communicate with people in multinational environment, ability to communicate orally and in writing)
• English B2 or higher

Nice to have

• Experience in development and implementation of complex security compliance plan/program in security area (gap analysis -> remediation plans -> detailing tasks, managing of tasks implementation -> internal audit)
• Experience in IT/Security audits
• Experience in client contracts review and implementation of client specific controls
• Certificates in Information security/IT compliance areas

We offer

• We gather like-minded people:
  • Engineering community of industry professionals
  • Friendly team and enjoyable working environment
  • Flexible schedule and opportunity to work remotely within Poland
  • Chance to work abroad for up to 60 days annually
  • Relocation within our 50+ offices
• We provide growth opportunities:
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills, and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, O'Reilly, Cloud Guru
  • Language classes in English and Polish for foreigners
• We cover it all:
  • Stable income (Employment Contract or B2B)
  • Participation in the Employee Stock Purchase Plan
  • Benefits package (health insurance, multisport, shopping vouchers)
  • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
  • Referral bonuses
  • Corporate, social and well-being events
• Please, note:
  • The set of bonuses might vary based on the role you apply for - specifics will be discussed with our recruiter during the general interview
  • We will reach out to selected candidates exclusively

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.