Logo of Huzzle

Security Expert

image

Cleafy

Sep 9

Applications are closed

  • Job
    Full-time
    Mid & Senior Level
  • Data
    IT & Cybersecurity
  • Milan

Requirements

  • BS/MS in Information Security, Computer Science, or a related field
  • 3 to 5 years of experience in a GRC role with a focus on ISO27001, SOC2, and other relevant standards
  • Strong understanding of risk management principles and practices
  • Experience with security audits, compliance assessments, and certification processes
  • Excellent analytical, organizational, and communication skills
  • Ability to work independently and collaboratively in a team environment
  • Detail-oriented with a strong commitment to maintaining high standards and work ethic
  • Fluent spoken and written English
  • Plus:
  • Relevant certifications such as ISO27001 Lead Auditor/Implementer, CISA, ITIL, etc.
  • Proficiency in Spanish, French, or German, both written and spoken

Responsibilities

  • Develop, implement, and maintain security policies, procedures, and standards in alignment with ISO27001, SOC2, and other relevant frameworks
  • Conduct regular internal audits and assessments to ensure compliance with security standards and regulatory requirements
  • Coordinate external audits and certification processes
  • Assist with customer audits and address any security concerns or queries
  • Identify, assess, and manage security risks, providing recommendations for mitigation
  • Maintain documentation related to security policies, procedures, and compliance activities
  • Collaborate with various departments to ensure security and compliance requirements are met
  • Stay current with changes in security regulations and industry standards, particularly those relevant to the financial services industry (DORA, NIS2)

FAQs

What is the primary focus of the Security Expert role?

The primary focus of the Security Expert role is on Governance, Risk, and Compliance (GRC), ensuring that the company adheres to security regulations and standards.

What qualifications are required for the Security Expert position?

The required qualifications include a BS/MS in Information Security, Computer Science, or a related field, along with 3 to 5 years of experience in a GRC role with a focus on ISO27001, SOC2, and other relevant standards.

What security frameworks should the Security Expert be familiar with?

The Security Expert should be familiar with ISO27001, SOC2, and other relevant frameworks, particularly those related to the financial services industry such as DORA and NIS2.

Are there opportunities for professional growth within Cleafy?

Yes, Cleafy provides personalized support to accelerate your professional growth and encourages you to bring your flair to the role.

Is proficiency in other languages a plus for this role?

Yes, proficiency in Spanish, French, or German, both written and spoken, is considered a plus for this role.

What type of working environment does Cleafy offer?

Cleafy offers a hybrid or remote working environment, allowing you to choose your preferred work setup.

What kind of support is available for our security audits and compliance assessments?

The Security Expert will assist with internal and external audits, including customer audits and addressing any security concerns or queries.

Is there a certification requirement for this position?

While not required, relevant certifications such as ISO27001 Lead Auditor/Implementer, CISA, and ITIL are considered a plus.

What benefits does Cleafy offer to its employees?

Cleafy offers attractive packages based on skills and experience, an international working environment, and opportunities to work with the latest technologies.

Why has Cleafy been recognized as a great place to work?

Cleafy has been certified by Great Place to Work® due to its supportive, respectful, and inspiring work environment that fosters collaboration among employees.

Technology
Industry
51-200
Employees
2014
Founded Year

Mission & Purpose

Cleafy is a cybersecurity company focused on providing advanced fraud prevention and detection solutions for digital platforms. Their ultimate mission is to safeguard businesses and their customers from online fraud and cyber threats by leveraging cutting-edge technology and data analytics. Cleafy’s purpose is to deliver innovative, effective, and scalable security solutions that enhance the safety of online transactions, protect sensitive information, and ensure a secure digital experience for all users.