Current vacancies related to Analyst - Governance Risk & Compliance (ISO 27001, SOC 2) - Kyiv, Kyiv - Trimble

  • Junior Compliance Analyst

    5 days ago


    Kyiv, Kyiv, Ukraine Integrity360 Full-time 30 000 ₴ - 40 000 ₴ per year

    Title: Junior Compliance Analyst. Department: Payments Compliance. Location: Kyiv, Ukraine. Job type: Full-Time Permanent. Salary: Negotiable / DOE. About Us: Integrity360 is one of Europe's leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services...

  • Junior Compliance Analyst

    1 week ago


    Kyiv, Kyiv, Ukraine Integrity360 Full-time 30 000 ₴ - 60 000 ₴ per year

    Title: Junior Compliance Analyst. Department: Payments Compliance. Location: Kyiv, Ukraine. Job type: Full-Time Permanent. Salary: Negotiable / DOE. About Us: Integrity360 is one of Europe's leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security...

  • Cybersecurity Engineer

    4 days ago


    Kyiv, Kyiv, Ukraine MODUS X Full-time 60 000 ₴ - 80 000 ₴ per year

    Become part of the team that creates digital reality. MODUS X is a Ukrainian IT company, a team of 650+ experienced specialists; we expand the horizons of business possibilities, unlocking the potential...

  • Security Lead

    5 days ago


    Kyiv, Kyiv, Ukraine Capgemini Full-time 100 000 ₴ - 120 000 ₴ per year

    About us: Capgemini Engineering is the world leader in Engineering and R&D services, we help our clients accelerate their journey towards intelligent industry. We bring them global expertise and capabilities, cutting-edge technologies in digital and software, agile engineering platforms, and an industrialized delivery model. We foster innovation, engineer,...

  • Information Security Manager

    2 days ago


    Kyiv, Kyiv, Ukraine Innoware Full-time 60 000 $ - 80 000 $ per year

    Key responsibilities: Ensure compliance with ISO 27001 certification requirements, including conducting internal audits, monitoring corrective actions, and keeping documentation up to date. Deliver training sessions for the Innoware team on the fundamentals of information security. Participate in projects related to the implementation and...

  • Information Security Analyst

    5 days ago


    Kyiv, Kyiv, Ukraine Atlas Technica Full-time 1 200 000 ₴ - 2 400 000 ₴ per year

    Position Name: Information Security Analyst Reports to: Chief Information Security Officer Location/Type: Remote Atlas Technica's mission is to shoulder IT management, user support, and cybersecurity for our clients, who are hedge funds and other investment firms. Founded in 2016, we have grown 100% year over year through our uncompromising focus on...

  • Information Security Analyst

    1 week ago


    Kyiv, Kyiv, Ukraine Atlas Technica Full-time 1 200 000 ₴ - 2 400 000 ₴ per year

    Position Name: Information Security Analyst Reports to: Chief Information Security Officer Location/Type: Remote Atlas Technica's mission is to shoulder IT management, user support, and cybersecurity for our clients, who are hedge funds and other investment firms. Founded in 2016, we have grown 100% year over year through our uncompromising focus on...

  • Risk Analyst

    1 week ago


    Kyiv, Kyiv, Ukraine Solidgate Full-time 40 000 ₴ - 80 000 ₴ per year

    Our Mission and Vision At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we're on a bold path: to become the #1 payments orchestration platform in the...

  • Risk Analyst

    7 days ago


    Kyiv, Kyiv, Ukraine Solidgate Full-time 40 000 € - 80 000 € per year

    Our Mission and Vision At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we're on a bold path: to become the #1 payments orchestration platform in the...

  • IT Audit and Consulting Manager

    1 week ago


    Kyiv, Kyiv, Ukraine KPMG Ukraine Full-time 600 000 ₴ - 1 200 000 ₴ per year

    KPMG is a global network of professional firms providing Audit, Tax and Advisory services. We operate in 143 countries and territories, and in FY22, collectively employed more than 265,000 people working in member firms around the world. KPMG is the brand under which the member firms of KPMG International Limited ("KPMG International") operate and provide...

Analyst - Governance Risk & Compliance (ISO 27001, SOC 2)

2 weeks ago


Kyiv, Kyiv, Ukraine Trimble Full-time 70 000 $ - 120 000 $ per year

Your Title: Analyst - Governance Risk & Compliance

Job Location: Ukraine, Poland

Our Department: Corporate Cybersecurity

Trimble is transforming the way the world works by delivering products and services that connect the physical and digital worlds. Core technologies in positioning, modeling, connectivity and data analytics enable customers to improve productivity, quality, safety, and sustainability. From purpose-built products to enterprise lifecycle solutions, Trimble software, hardware and services are transforming a broad range of industries such as agriculture, construction, geospatial and transportation and logistics.

In order to improve integrity between physical and digital worlds, Governance, Risk and Compliance (GRC) facilitates the integrated collection of capabilities necessary to support connected performance. GRC doesn't burden the business; it supports and improves it by adding value through establishing efficiencies, centralizing policy and creating metrics to reduce risk to maintain Trimble brand equity. GRC resides within the corporate Trimble Cybersecurity team.

To be considered for this position, you must be familiar with security frameworks and security control auditing (e.g., ISO 27001, ISO 27701, SOC 2, NIST*, CSF), risk assessments and scoring, conducting gap analysis, internal audits, and external audit coordination. Proficiency in English is essential.

This Opportunity

You are a self-motivated, mildly technical but versatile individual contributor looking to fill a Cybersecurity Compliance Analyst role by joining a diverse and collaborative international cybersecurity team for a large, dynamic, publicly traded company. You will be responsible for helping to ensure Trimble's product portfolio maintains compliance with an array of frameworks (ISO 27001, ISO 27701, SOC 1 & 2, NIST*). You will be a crucial member of our organization, working to achieve our customers' expectations in the area of Compliance & Audit.

The role requires an individual who works well independently and as part of a global team by adding value through process optimization and managing a diverse portfolio of Trimble products seeking compliance with existing and new standards & frameworks.

Key Responsibilities

  • Perform ISO 27001, ISO 27701, SOC 2 & NIST gap analysis and recommend process, procedural, documentation and tooling improvements to remediate.

  • Improve Compliance and certification scope efficiency via review and enhancements of the Trimble Common Control Framework

  • Perform ISO 27001 & ISO 27701 Internal Audits.

  • Perform SOC 2, NIST Internal & External Audits

  • Contribute to annual policy revisions and maintenance of the IMS.

  • Constantly coordinate with key business stakeholders and the external auditor

  • Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership.

  • Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks.

  • Collaborate with Cybersecurity team members and Trimble businesses across various geographies.

  • Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed.

  • Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks.

  • Be able to understand and communicate technical risks to a broad set of stakeholders. 

Communication

The Trimble Cybersecurity team serves the entire organization. Trimble is divided into several Business focused Sectors and Divisions. This role will communicate with:

  • Cybersecurity, IT and GRC teams

  • Trimble leadership

  • Divisional & Sector Cybersecurity representatives

  • Software development staff

  • Other global functions (Human Resources, Legal) as required

  • No communication with Trimble customers required

Skills / Competencies

  • Working knowledge of ISO 27001, ISO 27701, SOC 2 & NIST

  • Designing audit controls spanning ISO 27001, ISO 27701, SOC 2 & NIST

  • Ability to write policy and interpret complex business changes, as they arise

  • Comprehensive understanding of risk management standards and guidelines.

  • General IT knowledge (networking, cloud computing, software development)

  • General knowledge in Data Privacy (GDPR, CCPA and other regulations)

  • A passion for user-centric information that is clear and actionable, attention to detail focused on delivering accurate and creative metrics.

  • Ability to make effective, timely decisions with clear reasoning

  • Ability to quickly establish a broad understanding of an issue with limited available information and outline the steps required to bring it to a successful conclusion

  • Excellent organizational and presentation skills

  • Effective communication skills (verbal and written) and time management skills

  • Flexible approach to working in a changing environment and ability to work well under pressure with dynamically changing priorities

  • Ability to work as part of a collaborative global team, prepared to remain resilient to complete tasks to conclusion.

Qualifications / Experience

  • Preferably a relevant degree in Data Science, Computer Science or Engineering (Software or Electrical)

  • Current general security certifications (e.g., SEC+, GSEC) encouraged but not required

  • ISO 27001 Certified Internal / Lead Auditor and/or equivalent experience.

  • 2 years' experience working with ISO 27001, ISO 27701, SOC 2 and/or NIST

  • Proficiency in English (written and oral)

  • 2 years' experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company

  • Hands-on experience with business and GRC tools such as: Jira Service Desk

  • Demonstrated experience in collecting information from disparate data sources and formulating into reports that can be presented to various audiences

  • Intermediate level experience with Windows and Linux/Unix operating systems

  • Intermediate level cloud knowledge within AWS, Azure and GCP

  • Intermediate level scripting knowledge and experience of Splunk and creating queries

  • Experience of using AI to reduce manual process and procedure

  • Excellent analytical, problem-solving and decision making skills.

Trimble's Inclusiveness Commitment

We believe in celebrating our differences. That is why our diversity is our strength. To us, that means actively participating in opportunities to be inclusive. Diversity, Equity, and Inclusion have guided our current success while also moving our desire to improve. We actively seek to add members to our community who represent our customers and the places we live and work. We have programs in place to make sure our people are seen, heard, and welcomed and most importantly that they know they belong, no matter who they are or where they are coming from.

Trimble's Privacy Policy