Senior Information Security Engineer

Brak informacji o wynagrodzeniu
SeniorFull-time
#388284·Dodano 2 dni temu·1
Źródło: SmartRecruiters Inc
Aplikuj teraz

Tech Stack / Keywords

SecurityIT SecurityCloudAIAWSNetworkingSDLC

Firma i stanowisko

SmartRecruiters is a Recruiting AI Company that transforms hiring for the world’s leading enterprises. It is an SAP company delivering an AI-powered hiring platform that automates and optimizes the entire talent acquisition process. Over 4,000 companies, including Amazon, Visa, and McDonald's, rely on SmartRecruiters. In 2025, SmartRecruiters joined SAP, combining AI innovation with SAP’s scale and resources. The company is recognized as a strategic leader in recruitment technology and is noted for its remote-friendly culture, competitive salaries, and strong internal mobility.

Wymagania

  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Solid understanding of controls auditing principles and evidence management
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver multiple complex projects simultaneously with minimal supervision
  • Ability to investigate, question, and interpret internal and external IT security and compliance issues at governance and technical levels
  • Strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographic boundaries engaging engineering, business, and operational teams
  • Experience with ISO 27001
  • Excellent written and verbal communication skills in English

Nice to have:

  • Professional certifications such as CISA, CRISC, CISM, CISSP, CCSK, CCSP, or equivalent
  • Experience with ISO 9001, 27017, and 27018
  • Experience with ISO 22301 (Business Continuity), including BIA, BCP/DRP, and recovery testing
  • Experience with BSI C5 (Cloud Computing Compliance Criteria Catalogue) or similar cloud-specific compliance frameworks
  • Knowledge of AI security principles, experience with ISO 42001, or familiarity with the EU AI Act and technical requirements
  • Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
  • Experience with enterprise risk management frameworks and tools
  • Understanding of threat modelling methodologies and secure development lifecycle (SDLC) principles
  • Hands-on experience with incident response including participation in security incident investigations, containment, and post-mortem processes

Obowiązki

Governance, Risk & Compliance:

  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardized blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Manage ISO 27001 and ISO 22301 audit lifecycles and coordinate ISMS and BCMS improvements
  • Support maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
  • Support vendor risk management, including third-party security assessments and due diligence reviews

Business Continuity & ISO 22301:

  • Serve as a subject matter expert or key contributor for the Business Continuity Management System (BCMS)
  • Support Business Impact Analysis (BIA), BCP/DRP development, recovery exercises, and continuity metrics management

AI Security & Compliance:

  • Support AI security and compliance activities, including assessment of AI-related risks and alignment with ISO 42001 controls and EU AI Act
  • Collaborate with product and engineering teams to evaluate security controls for AI/ML features and services

Inne informacje

SmartRecruiters is an Equal Employment Opportunity employer. They do not discriminate on legally protected characteristics including race, religion, color, national origin, gender, sexual orientation, gender identity, age, veteran status, or disability.

SmartRecruiters Inc.

SmartRecruiters Inc.

13 aktywnych ofert

Zobacz wszystkie oferty
Aplikuj teraz