Information Security and Compliance Officer L646XX4W

Information Security and Compliance Officer 

Remote

Job Requirements:

• IT security and information security standards knowledge & awareness (ISO 27001)
• Knowledge in quality management systems (ISO 9001)
• Ability to implement policies and procedures by collaborating with global departments,including legal, security, IT, and GDPR teams

• At least 3 years experience in IT security, preferably in a compliance-focused role;
• Expertise in conducting risk assessments and audits
• English (level: excellent, written and spoken)
• Excellent communication skills for liaising with various stakeholders, including IT staff,management, external auditors, and Group global teams
• Ability to comply with deadlines/targets
• Organized Person

Main Responsibilities:

• Ensures our platform compliance to:
• Legal requirements (considering platform availability in multiple markets)
• Personal data protection regulations
• Information security standards and regulations
• Software development standards
• Market research standards and best practices
• Contractual agreements between and its clients
• policies and procedures
• Collaborates with global departments (legal, security, IT, GDPR teams) for implementations of the above requirements in company and Digital platform
• Implements and maintains a management system consisting of specific policies,procedures, work instructions that ensures the framework of overall Digital compliance to requirements
• Manages the certification process against ISO standards
• Answers to clients requests / questionnaires related to compliance, information security,personal data requirements

Detailed Responsibilities & Tasks:

• Collaborates with the legal and GDPR departments for the elaboration & review of Digital platform Terms & Conditions, Privacy Policy, Cookie policy
• Takes part in meetings related to platform information security, GDPR, or overall
• compliance
• Answer to clients on the security / GDPR questions / questionnaires (with the support of other technical staff available)
• Manages the overall information security system: risk assessment, risk management, design & implementation of controls of production flow
• Supervises the IT security measures implemented on all systems related to.Digital
• (application architecture, hosting, infrastructure, access rights, software used etc.)
• Performs periodical checks / audits on email alerts / notifications, user logs etc
• Takes part to implementation of security / GDPR controls in the platform
• Attends in internal and external audits on information security, GDPR, other compliance requirements and manages the implementation of the action plan resulting from the audits
• Performs planned or ad-hoc internal audits for identifying non-conformities, weaknesses, threats and ensures that adequate actions are implemented to mitigate the identified issues / risks
• Prepares presentation materials related to platform compliance to different regulations and standards
• Designs and implements the business continuity strategy & plan
• Takes part to vendor boarding and assessment on aspects related to information security and GDPR
• Creates, reviews & updates together with DPO the GDPR documentation: data protection impact assessment, personal data flow diagram, the registry of processing activities
• Creates, reviews & updates policies and procedures that are related to compliance area (IT security, GDPR etc.)
• Manages reactions, mitigations plans and corrective actions in case of security breaches or security incidents. Supports DPO in this regard if the incidents / breaches are related to personal data
• Keeps regular contact with Group decision makers & specialists for ensuring permanent adequacy of digital to Group policies and strategies on the specific competence areas (IT security, GDPR, legal etc.)
• Keeps the access rights matrix updated for all applications used and roles

• ABOUT OUR COMPANY
  

We specialized in digital research products worldwide. It encompasses a wide array of talents, ranging from IT developers, web designers, project managers, market research experts, data scientists and more.

We have a keen interest in market research and have a passion for doing new things in our industry.

We constantly explore new ways to apply technologies in the market research field.