Ensono is searching for a multifaceted information security professional who can partner closely with, and interface with general IT, architecture teams, business teams, and clients.
This role will frequently work with Ensono’s Global Security Operations teams and will ensure that all Ensono teams adhere to Ensono’s corporate information security policies, procedures, baselines, and guidelines
The Sr. Security Analyst will also identify risks and threats and support security incident response where necessary.The role will support the EMEA business to assure client satisfaction with Ensono security practices and commitments. The individual will be part of Ensono’s Global Cybersecurity Team, participating in their activities, operating consistently with the team’s practices and project schedules, and sharing responsibilities for any security-related task that may be required of team members.
Contribute to the development of re-engineering methods to improve processes, reduce risks, increase controls, and/or increase customer satisfaction
Provide guidance to operational support teams for existing security infrastructure solutions, balancing customer service while maintaining a high level of security hygiene across numerous cyber security environments
Partner with other Cyber Security and Information Technology teams to drive cross-functional projects
Work with project teams to identify and remediate control gaps using existing and proposed processes and technologies
Perform and lead information security control gap assessments in accordance with Ensono’s policies/procedures and standards.
Support Ensono business and/or functional teams in the development and deployment of action plans to close identified information security control gaps.
Monitor compliance with information security policies and practices and any applicable laws. Assist with internal and external security risk assessments, risk analysis and application or system-level testing and reviews. Participate in the assessment of compliance with security regulations. Participate in periodic application security health checks.
Assist with the research, development, continuous improvement, and implementation of security policies, procedures, standards, and processes based on compliance requirements and industry best practices. Enforce information security policies and procedures by reviewing security violation reports, investigating possible security exceptions, and documenting security controls. Contribute to the collection of information security metrics.
Prepare status reports on information security matters that are used for a variety of purposes – tracking and monitoring and risk management & compliance reporting. Coordinate with internal team and external auditors to provide documentation of compliance assessments, support, and remediation activities.
Assist with the review, analysis, and response to security events. Work to reduce information security risks by effectively administering the information security processes across the security policy and forensic functions.
Maintain and develop knowledge of regulatory security trends, new security technologies, and best practices. Conduct security and industry-specific research to keep myself and Ensono abreast of the latest security issues and regulatory developments that may impact existing policies, procedures, and practices. Participate in information security education, training, and awareness activities for technology and business teams.
Assist with the development and deployment of a security awareness program.
Security Architecture – Work with project and internal teams to provide security architecture review on projects and proposals
Security project execution/management – Manage and execute regional or assigned security projects in line with requirements provided by management.
Where a local response is needed, review client security terms in proposed MSAs to assure Ensono can meet requirements. Coordinate with Ensono Legal and other Business Teams to ensure acceptable terms
Participate in client meetings as needed.
Minimum 5 years of related experience
Bachelor’s required, preference in Computer Science or similar
Excellent oral and written communication skills
Self-directed ability to lead, prioritize and drive an initiative from concept to implementation
Strong analytical, problem solving and troubleshooting ability
Proven ability to collaborate with people at various levels globally
Familiarity and experience in Risk management
Experience with Microsoft Power Automate and PowerBI
Good working knowledge of Information Security Standards i.e. ISO 27001 & PCI-DSS
Familiarity with relevant regulatory requirements such as GDPR.
Certifications (CISSP, CISM, etc.)preferred but not required
What we offer:
My Benefit system (each month you will receive 350 points, which canbe collected and used for travels or just spend on Allegro)
Lunch card(190 PLN each month)
Virgin Pulse platform – collect points for being active, then exchange them for Amazon/Visa credits
Flexible and remote work opportunities
Performance bonus (up to 7% twice per year)
Referral bonus program (at least 4k PLN)
Study leave (additional 5 paid days for studying – conference, reading books, or any other learning activity you want to do)