A leading specialist in information security management in Comfy

Hello, if you're reading this job right now, it means you're already halfway to your dream job#klaaaaaassss.We're not stopping, we're just picking up momentum so let's be #onmbervan and get acquainted with our vacancy. The main goal of the position is to update and implement a set of information security documentation in accordance with ISO/IEC 27001, GDPR, internal business requirements.

Main duties:

• Development and updating:
• IS procedures and regulations;
• orders, regulations, standards;
• access matrices, roles, responsibility.
• Building and description of ISMS (Information Security Management System).
• Harmonization of internal documents with:
• ISO/IEC 27001, 27002;
• GDPR (Data Protection, DPIA, RoPA, etc.);
• audit requirements and control.
• Participation in preparation for internal and external audits.

Our ideal candidate is you if you:

• Experience in information security at least 5 years.
• Practical experience in development and implementation:
• IS policies, procedures, standards, orders;
• ISMS documentation in accordance with ISO/IEC 27001.
• Participation in the preparation and/or completion of:
• internal and external audits;
• checks for compliance with regulatory requirements.
• Experience in working with GDPR requirements (documents, processes, roles).
• Interaction with IT, SOC, DevOps, legal and business units.

Ready to offer you:

• High compensation according to skills.
• Opportunity to influence, improve and adjust the business processes.
• Democratic management style and a friendly team.
• Ease of communication, team interest and orientation to the best result.
• Long-term work on analytics with extensive cross-functional interaction.
• Paid vacation and sick leave.
• Official employment.
• Discounts in the COMFY store network and our partners.