Information Security Analyst

Do you want to join us on an ambitious mission to secure the digital world?

Keepit is looking for an Information Security Analyst to join our Information Security Department in Krakow, Poland.

As the business is growing so is the effort required to design, implement, execute, review and refine security practices throughout the organisation.

Documentation, third-party auditing and certification are important work areas as they allow our organisation to continuously improve and they provide our global customer base assurance that our company and our service can be trusted to look after the most important data of our customers.

Primary Responsibilities:

• Maintaining risk management processes within ISMS
• Supporting in development and maintaining relevant documentation
• Maintaining ISMS
• Implement relevant Risk’s controls in cooperation with internal teams within all functions
• Involvement in preparation and passing audits
• Processing of customer`s request
• Review information security assessment for our new vendors
• Involvement in our awareness and education programs
• Managing communication about security controls

You need to have a good understanding of information security in general and a reasonably technical foundation to understand the threats, risks and mitigation that can apply to building and operating a cloud service trusted to hold the data of customers across the planet. You are able to find, read and understand regulatory and legal texts and compare our solution and our security posture to the requirements in such texts. Such comparisons can form the basis for changes in product, processes or contracts with customers. You understand the difference between "risk management" and "risk avoidance".

Required skills:

• At least 1 year of experience or degree in cybersecurity or governance, risk and compliance (GRC) in a technology company
• Effective communication skills (oral and written) at all levels of the organization
• Ability to systematize data and offer effective solutions in conditions of limited time
• Understanding of Risk Analysis and Compliance approach
• Sufficient technical foundation to understand larger internet-based systems
• Responsibility, stress resilience and emotional stability
• Ability to work in a friendly team
• Understanding of information security, especially ISO 27001 standard
• Good knowledge of Project/Product IT lifecycle
• At least a B2-C1 level of English
• Task-oriented approach

Bonus skills:

• Experience bridging policy and implementation
• Experience with various security certifications implementation within the organization
• Eager to learn, develop in the subject, open to new challenges

A fair and transparent recruitment process

During the recruitment process, you can expect the following stages:

CV screening, Recruitment interview, Technical interview, and Final interview.

You will be assessed according to the criteria below:

1. Technical Skills: We are seeking candidates who understand and is passionate about new technology, but you do not have to know how to code for this position.
2. Soft Skills: We prioritize candidates who demonstrate strong analytical and problem-solving skills, effective teamwork and collaboration abilities, and excellent communication skills
3. Language: English is a preferred language, and we expect you to be fluent in it, both written and spoken.
4. Logical Thinking: We emphasize the ability to systematically analyze situations, evaluate information, and make reasoned decisions.

We offer:

• Official employment – Umowa o pracę contract
• 4 additional working days of vacation leave per full calendar year
• 3 days of internal sick leave without a doctor`s note
• Health and Life Insurance
• Employee Capital Plan (PPK)
• Multisport card compensation
• Coverage of professional training sessions, meetups, etc.
• English-speaking club with native speakers
• Polish language classes
• Internet and Glasses reimbursement
• Cosy office in Krakow city centre (Długa, 72) with beverages, fruit, and cookies
• Winter and summer parties, events, team-buildings

We kindly ask you not to provide us with any sensitive categories of personal data when applying for a job with us. When applying for the vacancy, Keepit will process your personal data, and therefore we recommend that you also read our privacy policy, which describes our processing of personal data and your rights as a data subject.