At SPD Technology, we bring together a team of like-minded people who are driven by the desire to bring value through their work, united in their commitment to high performance and delivering custom, cutting-edge tech solutions that drive clients’ growth. We empower our people with a culture of excellence and enable them with the opportunity to uphold their accountability to contribute on each level. We value humanity and collaboration, encourage professional and personal growth, and foster a supportive and flexible work environment where everyone’s contribution is welcomed.

About the role

The Information Security Officer/Specialist will play a critical role in establishing and maintaining our Information Security Management System (ISMS) to achieve and maintain ISO 27001 certification. This individual will be responsible for developing, implementing, and enforcing security policies and procedures, conducting internal and external audits, mitigating security risks, and providing expert consultation on various compliance standards, including GDPR, CCPA, PCI DSS, and SOC.

As a qualified expert, you will be responsible for

ISO 27001 Compliance

  • Develop, implement, and maintain the company’s ISMS to comply with the latest ISO 27001 standard requirements.
  • Ensure continuous improvement of the ISMS and prepare for and manage ISO 27001 certification audits.
  • Organize and maintain all necessary documentation and processes required to successfully achieve and maintain ISO 27001 certification.
  • Maintain up-to-date knowledge of ISO 27001 standards and best practices.

Security Policies and Procedures

  • Develop, document, and enforce security policies, procedures, and guidelines.
  • Conduct regular reviews and updates of security policies and procedures to address evolving threats and compliance requirements.
  • Provide security awareness training to employees.

Security Audits

  • Plan, conduct, and document internal and external security audits.
  • Identify and report security vulnerabilities and non-conformities.
  • Develop and implement corrective actions to address audit findings.

Risk Management

  • Conduct comprehensive risk assessments to identify and evaluate security risks.
  • Develop and implement risk mitigation strategies.
  • Monitor and report on security risks and vulnerabilities.

Compliance Consultation

  • Provide expert consultation and guidance on GDPR, CCPA, PCI DSS, and SOC compliance.
  • Assist in the implementation of compliance requirements and ensure ongoing adherence.
  • Stay abreast of changes in relevant regulations and standards.

Incident Response

  • Assist with incident response planning and execution.
  • Assist with security incident investigations and reporting.

Vendor Management

  • Assist with security-related vendor due diligence.
  • Assist with security-related vendor management.

We’re looking for you if you have

  • Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.
  • Minimum 3-5 years of experience in information security, compliance, or risk management.
  • Hands-on experience with ISO 27001 implementation and certification.
  • Experience conducting internal and external audits.
  • Excellent communication and teamwork abilities.
  • English — upper-intermediate (B2 and above).

Bonus Points

  • ISO 27001 Lead Implementer / Lead Auditor
  • CISSP, CISM, CISA, or equivalent security certifications

Interview Process

  1. Interview with a recruiter (up to 45 minutes)
  2. Interview with Manager (up to 1.5 hours)

What’s in it for You

Reveal great tech solutions

Join the team of individuals who care about what they do and how they do it, and are accountable for the result and high performance. Unleash your potential, tackle new challenges, and be part of a team that values your skills and contributions.

Experience an agile and flexible working environment

Work from our office hubs or in a hybrid work model. Enjoy 20 business days of paid vacation, unlimited sick leave, and 4 days of emergency leave.

Feel cared about

Prioritize your well-being with a medical insurance yearly budget / financial reimbursement of expenses on medical services outside Ukraine. Get compensation for sports, equipment, massage, and rehabilitation, along with access to our well-being program, corporate loan, and tax and legal support.

Embrace the opportunity for personal and professional growth

Take advantage of an individual learning and certification budget, career paths and personal development plans, company-wide tech and cultural events, educational leave, language courses, access to our corporate library, and more.

Embrace the opportunity to innovate with us!

Anna Shustina
Senior Talent Acquisition Specialist