NoFluffJobs On-site Mid

Information Security Compliance Engineer

Spyrosoft

⚲ Wrocław

13 440 - 20 160 PLN (B2B)

Requirements

  • Security
  • ISO
  • IEC
  • Audits
  • GDPR
  • Analytical skills
  • AI (nice to have)
  • TISAX (nice to have)
  • VDA ISA (nice to have)
  • ISO 9001 (nice to have)
  • ISO 27001 (nice to have)
  • CISA (nice to have)

Job description

About the project:
About the role
We are looking for an Information Security Compliance Engineer to join our Quality & Compliance team. You will support the development of our security framework, internal audits, and client-facing compliance activities, ensuring alignment with international standards and regulations.

Tech stack:
- ISO/IEC 27001 (ISMS)
- TISAX / VDA ISA
- GDPR
- NIS2
- ISO-based management systems (e.g., ISO 9001)

Project description:
You will join an independent Quality & Compliance function and help maintain and develop the organization’s information security compliance framework. The role includes internal assurance work (e.g., internal audits and continuous improvement) and client-facing activities (e.g., customer audits, security questionnaires, and due diligence). You will act as a trusted advisor for both internal stakeholders and external clients, providing clear and actionable guidance on security and compliance topics.

Requirements:
- 2–4 years of experience in information security / compliance / risk (IT environment preferred)
- Practical knowledge of ISO/IEC 27001 (ISMS, audits, controls, corrective actions)
- Good understanding of GDPR and data protection
- Familiarity with NIS2
- Ability to assess security controls (governance perspective)
- Very good English (spoken and written)
- Strong analytical skills and attention to detail
- Ability to communicate clearly with technical and non-technical stakeholders
- Self-driven mindset and ability to manage multiple topics independently
- Professional approach, high integrity, and attention to confidentiality

Nice to have:
- Experienced in using AI tools in day-to-day workflow
- Experience with TISAX / VDA ISA
- Knowledge of ISO 9001 or similar
- ISO 27001 Lead Auditor or CISA certification
- Experience in consulting roles

Daily tasks:
- Maintain and improve ISMS (ISO 27001, TISAX)
- Support internal and external audits
- Identify compliance gaps and track improvements
- Create and update policies, standards, and procedures
- Support GDPR, NIS2, and other regulatory requirements
- Assist with customer audits and security questionnaires
- Provide basic advisory support to clients
- Conduct high-level security and compliance assessments

🔍 Job Ad Decoder

🔴
support the development of our security framework, internal audits, and client-facing compliance activities
This can mean either actively building and implementing, or merely supporting existing processes that may already be established.
🔴
act as a trusted advisor for both internal stakeholders and external clients, providing clear and actionable guidance on security and compliance topics
You are expected not only to carry out tasks but also to make decisions independently and propose solutions, which may mean a high level of responsibility.
🔴
Self-driven mindset and ability to manage multiple topics
This means you will have to organize your own work and will probably handle many tasks at once without constant supervision.
🔴
Practical knowledge of ISO/IEC 27001 (ISMS, audits, controls, corrective actions)
This requires not only theoretical knowledge but, above all, the ability to apply the standard in practice in day-to-day work, which can be harder than it seems.
🟡
Ability to assess security controls (governance perspective)
Beyond the technical assessment of security controls, it is key to understand their impact on how the organization is governed and on regulatory compliance.