Security Governance Specialist

Summary

Join Docplanner as a Security Governance Specialist and play a vital role in maintaining the company's information security framework. You will develop and maintain security policies, procedures, and standards, ensuring alignment with business objectives and regulatory compliance. Responsibilities include monitoring the security governance framework, managing compliance, contributing to security awareness programs, and preparing compliance reports. The ideal candidate possesses experience in information security governance, risk management, and relevant security standards. Docplanner offers a competitive salary, flexible work arrangements, comprehensive health benefits, professional development opportunities, and a supportive work environment.

Requirements

• Experience taking part in internal and or external audits
• 1-3 years of experience in information security governance
• Significant risk management experience
• Knowledge of relevant security standards and frameworks (e.g., ISO 27001, SOC 2)
• Experience of Security Governance tooling
• Understanding of regulatory requirements, such as GDPR
• Excellent communication and collaboration skills, with the ability to work across various departments
• Strong analytical and problem-solving skills
• Detail-oriented with a commitment to maintaining accuracy in documentation
• Ability to adapt to a dynamic and fast-paced environment
• Self-starter and free thinker

Responsibilities

• Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organisational goals
• Assess the policy framework in support of continuous improvement and suggest positive changes where appropriate
• Monitor the performance of the security governance framework
• Define and report on suitable and meaningful metrics
• Assist in identifying and understanding regulatory requirements and standards relevant to the organisation
• Liaise with local entities and subject matter experts to assist with compliance requirements from customers, investors or legislators
• Assist in the planning and execution of internal and external audits
• Contribute to the development of security awareness programs and training materials
• Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
• Maintain the repository of security policies, procedures, and standards
• Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
• Assist in the identification, assessment and reporting of risks across the organisation
• Monitor the compliance of risk management activities
• Liaise with the Head of Risk and Compliance and other key stakeholders
• Stay informed about emerging security threats, regulations, and best practices
• Propose and implement improvements to the security governance framework based on industry trends and organisational needs

Preferred Qualifications

ISO 27001 Lead Auditor or Implementor certification

Benefits

• A salary adequate to your experience and skills. The range is broad so that we can accommodate our roles for all levels of experience, but we will show you the career ladder to explain where we see your skills and impact within the company". Your salary will be, now and always, 100% transparent to you
• For B2B contract: between 19 500 and 26 000 PLN net monthly or company cost equivalent on employment contract
• Share options plan after 6 months of working with us
• Remote or hybrid work model with or hub in Warsaw
• Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly)
• 20/26 days of paid time off (depending on your contract)
• Additional paid day off on your birthday or work anniversary (you choose what you want to celebrate)
• Private healthcare plan with Signal Iduna for you and subsidized for your family
• Multisport card co-financing for you to have access to sports facilities across Poland
• Access to iFeel , a technological platform for mental wellness offering online psychological support and counseling
• 20% time rule: spend 20% of your working hours on your own growth
• Free English classes