Security Compliance Specialist

Skills

About the Role

You will support multiple areas of security and compliance, focusing on practical, operational tasks. You will assess supply chain cybersecurity risks, design and implement access control policies, and manage user account lifecycle. You will coordinate and execute security and compliance audits, analyze findings, and drive corrective actions. You will assist in risk identification and mitigation, conduct reviews of data processing activities for GDPR compliance, and help maintain IT asset inventories and classification. You will work with HR and other departments to embed security awareness and apply data classification consistently.

Requirements

• 2+ years experience in a security and/or compliance role with IT focus
• Knowledge of ISMS
• Knowledge of ISO 27001
• Knowledge of CRA
• Knowledge of NIS2
• Ability to communicate security concepts to technical and non-technical stakeholders
• Attention to detail
• Strong issue-resolution skills
• Proficiency in English

Responsibilities

• Conduct assessments of IT systems supply chain cybersecurity risks
• Develop and enforce security standards and protocols for suppliers
• Monitor and evaluate cybersecurity practices of suppliers and partners
• Support design and implementation of access control policies and procedures
• Manage user account setup modification and revocation
• Perform regular access reviews to ensure least-privilege
• Coordinate and execute security and compliance audits
• Analyze audit and test results to identify vulnerabilities and non-compliance
• Recommend and follow up on corrective actions
• Identify and evaluate risks to data and information systems
• Develop strategies and rules to mitigate identified risks
• Conduct regular reviews of data processing activities
• Support implementation of data protection policies with focus on GDPR
• Maintain inventory of IT assets and ensure correct classification and management
• Participate in development and enforcement of asset lifecycle policies
• Collaborate with HR to define roles and integrate into access management
• Support embedding cybersecurity awareness into the organization
• Help implement a data classification framework and handling procedures
• Ensure consistent application of the data classification scheme across departments

Benefits

• Option to receive part of compensation in bitcoin
• Flexible working hours
• Budget for professional development
• Regular company events
• Renovated offices with gym
• On-site massages
• Foosball table
• Billiards
• PlayStation
• 3D printer
• Free on-site parking
• MultiSport card
• Company mobile phone tariff