Security Compliance Analyst

ROMANIAN SOFTWARE digitalizeaza mediul de business romanesc de peste 23 de ani, fiind unul dintre liderii  de piata si un partener strategic pentru orice client. Peste 750 de businessuri din toata tara folosesc cu incredere colorful.hr, o platforma dedicata de HCM (Human Capital Management). Dezvoltata de compania Romanian Software, colorful.hr automatizeaza procesele de HR din orice companie: Recrutare, Administrare de personal, Pontaj electronic, Salarizare, Training, Evaluarea competentelor, Spatiul personal al angajatului, Comunicarea interna, Managementul documentelor, Bugetare, Travel – aplicatia mobila, IRIS – Asistentul virtual pentru HR.

 
Complementar, ROMANIAN SOFTWARE ofera servicii de externalizare a salarizarii si administrarii de personal, consultanta legislativa in dreptul muncii si asistenta fiscala. Compania se concentreaza si pe servicii de training in domeniul resurselor umane si salarizare, oferind o baza pentru viitorii angajati sau aprofundand cunostintele pentru specialistii care deja activeaza in acest domeniu.

 
In 2023, Romanian Software s-a alaturat grupului SD Worx, principalul furnizor european de solutii de resurse umane si salarizare. Cu o experienta de peste 75 de ani si increderea a peste 84.000 de organizatii din intreaga lume, SD Worx ofera solutii de resurse umane in peste 150 de tari. Ca urmare a acestei integrari, Romanian Software are acces la intreaga gama de software si servicii de salarizare si resurse umane ale SD Worx.

We are looking for a Security Compliance Analyst for one of our partners based in Bucharest, a multinational networking and telecommunications company.

Requirements:
• Education: Bachelor of Engineering / Bachelor of Technology (Telecommunication/ Computer Science) - preferable;
• ISO 27001 Lead Implementer, CISA, ITIL, CISSP, and CISM certifications will be an advantage;
• At least 4 years of experience in IT;
• 2 years in Security Governance, Risk and Compliance (GRC);
• Good documentation, analysis skills;
• English is a must.

Technical competencies:
• Good knowledge and understanding of information security;
• Good understanding of ISMS (Information Security Management System);
• ISO 27001 standard and prior experience of conducting IT audits;
• Knowledge of data privacy and GDPR.

• Ensure that Information Security Requirements for the specific contract will be adhered to and maintained;
• Perform periodic risk and security assessments, review and propose updates to the Information Security Requirements based on risk and security assessments;
• Maintain the personnel’s awareness of up-to-date security policies and procedures;
• Perform periodic checks that only the authorized persons have access rights to information, systems, and facilities, and report findings;
• Perform periodic review of baseline security standard for the operating systems and network devices;
• Track closure of identified gaps and report compliance periodically;
• Ensure that all relevant security process and procedure documents are up to date and reviewed periodically;
• Perform periodic review of the contracted customer delivery against ISO27001 standard.

Benefits:
• Medical insurance;
• Meal tickets;
• 25 vacation days/year;
• Work from anywhere.