Security GRC Specialist

WE ARE

SoftServe, founded in 1993 and headquartered in Austin, Texas, is a global digital solutions company. Our associates work on over 2,000 projects with clients in the USA, Europe, and the APAC region.

The Critical Services Center of Excellence (CoE) at SoftServe focuses on software architecture, startups, and enterprise technologies. We enhance business security through assessments, threat scenarios, and risk identification.

By designing and implementing security controls, we improve clients' security. We proactively consult on security management and analyze infrastructure to create efficient security strategies aligned with NIST CSF, SOC2, HIPAA, and PCI DSS standards.

Our solutions provide visibility of security risks, help pass compliance audits, and guide clients in data protection. As part of the SoftServe Cybersecurity team, we offer reliable security solutions and support clients through the improvement process.

We specialize in application security, security engineering, and governance risk and compliance, with team members in Poland, Ukraine, Spain, and other European countries.

IF YOU ARE

• A motivated expert with 5 years of experience in security Governance, Risk and Compliance and skilled in Cloud security engineering
• Knowledgeable in cybersecurity compliance assessments and audits, as well as program design and implementation by using approaches, techniques, and frameworks related to ISO27k, SOC2, NIST CSF, PCIDSS, HIPAA/HITRUST, FedRAMP, EU security regulation (NIS2 directive, DORA, etc.), GDPR and other privacy practices, etc.)
• Solid in security risk management approaches, frameworks, and techniques
• Skilled in cybersecurity processes design, development, implementation, and continuous improvement
• A specialist in designing and implementing administrative and technical security controls
• Adept at designing and implementing security controls for cloud-native environments
• Aware of the sSDLC process and security function within sSDLC
• Accustomed to offensive and defensive security methodologies; penetration testing and application security approaches and methods
• Confident in project management related to security projects and initiatives
• An owner of Security certification and statuses (at least one or two): ISO27001 Lead Auditor / ISO27001 ISMS Implementation, PCIDSS QSA, CPA, CISA, CISSP, CISM, CISRM, Cloud Security (AWS, GCP, Azure) or similar
  
  
  

AND YOU WANT TO

• Participate in complex security compliance projects and initiatives
• Perform security assessments on infrastructure and application levels to identify gaps, risks, and vulnerabilities and recommend appropriate remediation measures
• Develop and enforce security policies, standards, and procedures, ensuring compliance with relevant regulations and industry best practices
• Collaborate with client’s development teams to identify and remediate security risks, implement security best practices, and provide guidance on security continuous improvement
• Collaborate with cross-functional teams to educate and promote security awareness, conducting training sessions and workshops on security GRC and other security-related topics
  
  
  

TOGETHER WE WILL

• Work with the world-leading companies and engineers
• Operate on a wide range of projects and clients around the world
• Have a variety of projects with different types of challenges and requirements
• Develop your cybersecurity skills, leadership, communication, and negotiation skills
• Access strong educational and mentorship programs
• Make this world more secure
  
  
  

SoftServe is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, age, sex, nationality, disability, sexual orientation, gender identity and expression, veteran status, and other protected characteristics under applicable law. Let’s put your talents and experience in motion with SoftServe