Senior Information Security Specialist @ SmartRecruiters Inc.

Popis pozice

O pozici / o projektu

Původní popisek. SmartRecruiters transforms hiring for the world’s leading enterprises. We deliver an AI-powered hiring platform built for global scale, automating and optimizing the entire talent acquisition process. More than 4,000 companies, including LinkedIn, McDonald's, VISA, CD Projekt Red, Allegro rely on SmartRecruiters to build winning teams.

In 2025, SmartRecruiters joined SAP, the global leader in enterprise applications. Together, we are accelerating the reinvention of hiring by combining AI innovation with the scale and resources of SAP’s ecosystem.

We designed our R&D structure based on the empowered product teams model. It means our teams are responsible for business outcomes and have autonomy in solving problems in a way that “customers love yet work for the business”.

Job Description

SmartRecruiters is looking for a Senior Information Security Specialist to join the Governance, Risk & Compliance (GRC) team. This role is critical to ensuring that SmartRecruiters' applications, systems, and processes remain compliant with industry standards and regulatory requirements, including ISO 27001, ISO 22301, ISO 42001, SOC 2 Type II, Cyber Essentials, GDPR, and the EU AI Act.

The successful candidate will combine strong GRC expertise with a technical, engineering mindset - someone who can drive compliance programmes across multiple frameworks while also stepping into complex technical topics such as business continuity, AI security, and cloud compliance. Critically, this is not a purely audit-focused role; we need someone who can dig into technical details, assess security architectures, support forensic investigations, build automation to replace manual processes, and provide hands-on guidance to engineering and security teams. A core part of this role is identifying opportunities to engineer scalable, repeatable solutions, from compliance evidence collection to policy enforcement, rather than relying on manual effort.

Odpovědnosti

Původní popisek. • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting

• ▪Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
• ▪Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability.
• ▪Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
• ▪Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
• ▪Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations

Ukázat vše (14) Detail pracovní nabídky

• ▪Online nábor
• ▪Jazyk náboru: Angličtina&Polština
• ▪Ihned
• ▪Práce plně na dálku
• ▪Flexibilní pracovní doba
• ▪Především tvorba nových funkcí

Metodika práce

• ▪Agile management Scrum, Kanban, Agile
• ▪Issue tracking tool Jira
• ▪Knowledge repository Confluence, GitHub

Výhody v kanceláři

• ▪Bezplatná káva
• ▪Parkování kol
• ▪Zábavná zóna
• ▪Sprcha
• ▪Bezplatné parkování
• ▪Vnitřní školení
• ▪Moderní kancelář
• ▪Atmosféra startupu
• ▪Bez požadavku na dress code
• ▪Family Events
• ▪Company Parties
• ▪Vnitřní hack days

Výhody

• ▪Sportovní balíček
• ▪Soukromá zdravotní péče
• ▪Malé týmy
• ▪Mezinárodní projekty
• ▪Unlimited vacation days
• ▪Company Shutdowns twice a year

O firmě