IT Security Associate

EcoVadis Detailed insights to confidently manage value chain risk & compliance, build performance for net-zero & sustainability targets, drive value & impact: The universal sustainability ratings & intelligence suite.

View company page

Work smart, have fun and make an impact

Our purpose is to guide all companies toward a sustainable world. EcoVadis is the leading provider of business sustainability ratings.Our solutions are backed by an international team of experts and powerful technology. We analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.

Why apply to EcoVadis?

Be a part of the global sustainability change in business. Grow your career. Work with extraordinary people. Feel valued for your contribution.

Our IT Security team is seeking an IT Security Associate to coordinate and support security operations practices in our company, and bring forth security expertise in a fast-growing team. You will be the main point of contact for the alignment and provide hands-on collaboration in all areas of IT Security, ensuring that we deliver an outstanding service to our internal and external customers and stakeholders.

As the IT Security Associate, you will become the main point of contact and coordinator for the remediation of any improvement areas, as well as the 'face' of our team towards our Sales and Customer Solutions' teams. Also, your knowledge and willingness to learn on new security trends and technologies will be of great value to our company, while identifying efficiency and automation opportunities.

This role, reporting directly to the IT Security Director, will include the following responsibilities:

• Active support on security questionnaires, contract reviews and client meetings.
• Define and conduct security reviews (technical and compliance checks) of our network, systems and platforms, and track the remediation of any identified gaps.
• Coordinate and organize evidence gathering for certification testing and audits.
• Delineate and execute a control testing strategy to comply with internal IT Security framework compliance, standards, and other applicable regulations.
• Establish and collaborate in the creation and maintenance of security guidelines for multiple technologies (e.g. SASE solutions, security baselines, etc.)
• Perform security reviews on SaaS applications used internally, and establish a formal process of application sanctioning and periodic review.
• Manage and lead improvements in the resiliency of non-cloud environments and operations (DRP, Backups, Domains, Incident Response ).
• Maintain the security posture of our external surface, and manage issue remediations as necessary.
• Ensure proper documentation, configuration and operation of our security protective measures, and ensure that necessary fixes are planned and executed.
• Develop reports, dashboards and other mechanisms to report on project tracking, remediation progress, and other domains that require continuous follow-up.
• Promote an IT Security culture, and collaborate with the team in the creation of articles, FAQs, and documentation related to security awareness and training.
• Advocate for continuous improvement and automation wherever possible.
• Assist with other organization security projects and tasks as required.

Qualifications

• 2+ years of experience in a similar role in a relevant software or internet service industry,
• Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field,
• High level of independence and proactivity. The ideal candidate will be capable of taking initiative, identifying opportunities for improvement, and driving projects forward without constant supervision.
• Strong experience in designing and implementing security guidelines and mechanisms to check adherence to such standards,
• Experience in conducting manual and/or automatic security compliance reviews,
• Good knowledge of IT Security frameworks (e.g. ISO 27001, NIST 800-53, etc.),
• Managing and prioritizing multiple tasks in accordance with high level objectives, and anticipating and addressing challenges as they arise.
• Strong foundation in information security, security engineering, network security, authentication and security protocols, access controls, etc.,
• Experience with engaging external stakeholders (e.g. clients) regarding security protection methods, and agreeing on contractual clauses,
• Educated in the creation of reports and dashboards for different technical and executive stakeholders,
• Ability to conduct research about areas unknown to him/her, and use that knowledge to deliver security guidelines and propose improvements,
• Capacity to be organized and efficient handling diverse tasks simultaneously,
• Ability to adapt and thrive in a fast-changing environment,
• Open to work in an international, multilingual environment,
• Proficient in English (oral and written).
• French language proficiency is an asset,
• Hands-on experience with Google Workspace is a plus.

Additional Information

Location: Warsaw Hybrid or Remote from Poland
Start date: ASAP
Contract of Employment or B2B

Everyone at EcoVadis contributes to a culture of trust, respect and empowerment. Our growing team in Poland is full of talented professionals from various sectors who all share a desire to make an impact. We offer competitive salaries and support personal growth from day one with extensive onboarding, mentoring and a brand new e-learning platform bursting with courses and modules so you can learn new skills and fine-tune old ones.

Benefits:

• Support with all the necessary office and IT equipment
• Optional (fully covered or co-financed) health care and life insurance
• Multisport card and wellness allowance
• Multicafeteria
• Lunch card
• Annual performance bonus
• Hybrid for colleagues who live near our offices (4 days per month)
• Remote work from abroad policy (up to 3 months per year)
• Internet and electricity bill allowance
• CSR activities
• Modern, pet-friendly office in the city center (next to Rondo ONZ)
• Community service day when volunteering

Our hiring team looks forward to reviewing your CV, in English, with a guaranteed response to every application. A new job with purpose awaits you

Don't fit all the criteria but still think you'd be a good candidate?Please apply anyway to give our hiring team the opportunity to assess your skills and to learn more about what you could bring to EcoVadis. We're interested in hiring capable people, regardless of professional and educational background.

Can the hiring process be adjusted to suit my needs?Yes. We want everyone going through the hiring process with EcoVadis to feel confident that you are able to demonstrate your full potential. We welcome applications from disabled people, people with long-term health conditions, and neurodiverse candidates. If you need any adjustments, including the provision of interview questions, please let the hiring team know.

Our team's strength comes from everyone's uniqueness and is founded upon mutual respect.EcoVadis commits to equity, inclusion and reducing bias in our hiring processes. EcoVadis does not accept any form of discrimination based on color, national or ethnic origin, ancestry, citizenship, religion, beliefs, age, sex, gender identity, sexual orientation, neurodiversity, disability, parental status, or any other protected characteristic that makes you unique. In your application, we encourage you to remove personal information such as: photographs, marital status, number of children, religion, gender, residential postal code, university graduation date, past medical or parental leave(s) taken, nationality (instead, please state if you are legally eligible to work in the job region/country), university name (instead, please state any degrees obtained and the study major).

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr

---