Information Security Officer in Constanţa

CRISC (junior) AWS (junior) Cloud Control (regular) CISSP (regular) SAP GRC (regular) Information Security (regular) Security (advanced) Please note that the position is 100% remote and we are open for candidates from around the world. About Severalnines: Come join the revolution as we help developers and enterprises build and move their databases to the cloud. The IDC estimates the database market will be $119B by 2025 and the fastest growing segment is DBaaS. Be part of this titanic shift, be part of the revolution, come join Severalnines and make a difference. A career at Severalnines means working alongside some of the smartest and most talented people in the open source database world. We’re headquartered in Kalmar, Sweden, and all work remotely from our home offices. Severalnines is ISO 27001 certified, and currently undergoing SOC 2 certification. Position purpose: Currently we are looking for an experienced Information Security Officer who will join our team. The Information Security Officer is the front line of defense for the safety and integrity of the company’s digital information. The ideal candidate has a strong background in information security and compliance who is looking to expand beyond the traditional security role to help foster a data protection culture within the organization. The Information Security Officer provides guidance for all aspects of the company’s security and compliance goals. Responsibilities: Compliance Management: - Participate in data governance and/or data classification - Perform compliance audits and reviews - Create and/or maintain company compliance policies and procedures - Create compliance reports and maturity metrics - Train and educate on security and compliance principles and best practices Risk Management: -Ensure that the risk management program meet risk acceptance objectives - Oversee risk analysis and risk management of internal processes, practices and standards - Design, implement and/or maintain a common risk assessment framework or risk registers by leveraging people, process and technology transformation opportunities -Recommend, document and monitor the implementation of any prescribed corrective actions resulting from risk assessments Cloud IAM and IT Support: - Understand various cloud environments e.g AWS, GCP, Cloudflare - Develop and maintain a knowledge base and expertise in identity and access management in public cloud environments - Administer cloud accounts and access controls - Perform entitlement reviews on service and user accounts Incident Management: - Track and coordinate response to incidents involving internal compliance, malware and network based attacks - Track and perform incident response and/or digital forensics on cloud assets Requirements: - Bachelor's Degree in computer science, computer engineering, information technology, or cyber security or equivalent work experience - 3+ year's experience in Information Technology and/or Security - 3+ year's experience in IT audit and compliance - 2+ year's experience with best practice cybersecurity control frameworks such as AICPA SOC 2, and the Cloud Controls Matrix. - 3+ years experience in standards such as ISO 27001 - Experience with any reputable GRC solutions - Experience working in an agile team - Demonstrated understanding of cyber risks and controls - Possesses effective communication and presentation skills - Ability to handle multiple priorities - Industry Certifications like: CISSP, CRISC, CISM/CISA, AWS certification(s), GCP certification(s) What we offer: - We offer the B2B contract with full-time employee benefits - Annual bonus based on company results - 2,000 USD budget to setup and maintain your virtual office (PC, Notebook, Headset, etc.) - 4 weeks paid vacation annually - Paid public holidays in your country - You can work from anywhere - Flexible working arrangements - Offsite team meetings at least once a year