Information Security Analyst in Constanţa

Confluence (nice to have) JIRA (nice to have) Customer Support (nice to have) SOC2 (nice to have) SOC1 (nice to have) iso27001 (nice to have) Cloud Computing (regular) Information Security (regular) Want to feel truly appreciated at work?At Duco, we care about our employees. We believe in giving everyone a genuine voice in what we do and how it’s done, in communicating openly and honestly, and in empowering people to succeed. We believe everyone should be able to feel proud of what they do.  This is one reason we have super-high Glassdoor scores and reviews.This is especially true of our Information Security Team.  We know it can be a tough job and often companies regard InfoSec as ‘necessary’ rather than ‘helpful’, but that isn’t the case for us.  We see them as an integral and highly-valued part of Duco’s success.  We are now growing and developing this excellent team, and where (hopefully!) you come in… An exciting role with huge scopeThe InfoSec team supports both our internal departments and our external stakeholders.  This is a high-profile role, working closely with the Head of Information Security, and will be integral in shaping the future of InfoSec within Duco. Where:The role can be based anywhere in Poland. We have an office in Wroclaw but you are allowed to work at home as well. What you’ll be doing day to day:Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practicesProvide Information Security advice and guidanceMaintain an awareness of the existing and emerging threat landscapeSupport the response to security incidents and vulnerabilitiesSupport the Information Security awareness training programmeSupport the response to client Information Security enquiriesWork closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and proceduresCurate and maintain Duco’s Information Security knowledge base in support of Duco Customer Success and Pre-Sales teamsMaintain Duco’s customer facing Information Security documentation and contentSupport maintenance and compliance of our ISO27001 and SOC1/2 accreditationProvide initial point of contact and triage for Information Security requests from across the businessSupport Information Security risk assessments across the technology stack and at physical locationsYou'll receive a fantastic reward package:Base salary reviewed annually (the starting range for this role will be 10 000 PLN - 15 000 PLN per month to fit your level of experience and the local market standard)A success-sharing bonus scheme, so we recognise and reward your effortUnlimited annual paid holiday, because we trust our people to manage their own time offFlexible working options: you can choose to work from home, at the office, or both - whatever is best for youFlexibility around working hours, as long as you’re delivering what’s neededAnnual allowance to help you make the best of your home working environmentEnhanced family leave provisionsPersonal learning and development opportunities (we dedicate budget for this)Spot rewards, so we can say thanks when you do a really great bit of workReferral bonus if we hire someone great who you’ve recommended to usEmployee of the Month and Employee of the Year awardsPrivate medical care packages: individual, partner or family Multisport cardLife insurance packageInterested?  Great!  This is what you’ll need for the role:Ideally, you’ll have:Previous experience in an Information Security or similar roleGood working knowledge of Information Security control frameworksKnowledge of cloud computing environments, container based technologies and associated security controls and standardsBonus points if you also have: Previous experience maintaining accreditations such as ISO27001, SOC1 and SOC2Previous experience supporting Information Security assessments from clients, and conduction Information Security assessments on vendors and other third-partiesKnowledge of Google Workspace, JIRA and ConfluenceComfortable working in a fast-paced and collaborative environment where you may be responsible for developing novel solutionsImportant point: If you currently can’t tick all the above boxes, please don’t let it put you off applying.  We review all applications with real interest, and we believe in supporting people’s personal development.  We’re not necessarily looking for ‘the perfect candidate’ with years of experience, gold medals and superpowers!