EY Information Security Senior Specialist in Poland
Title: Information Security Senior Specialist
Location: PL- -Wrocław
Job Number: WRO001BY
Information Security Senior Specialist
About EY GDS
EY Technology is a global organization that works with our internal clients, to provide IT support and solution to client teams, internal support functions and global projects and programs. Over the next few years, GDS Poland will increase the number of IT professionals in its center to develop and support EY’s business and internal applications. These professionals include IT project managers, business analysts, software architects, infrastructure engineers.
IT Services team maintains and enhances EY’s IT infrastructure and works for our internal clients across the globe. You will work with EY locations, supporting our service lines and key business processes or be part a dedicated IT team handling cross-organizational initiatives and transformational projects.
The Information Security Framework Management (ISFM) team is responsible for obtaining and maintaining ISO 27001 certifications. This team manages the entire Information Security Management System (ISMS), the full ISO audit lifecycle, monitoring, risk management and continuous improvement. The ISFM Specialist is responsible for planning and coordinating activities related to the operational support of the ISMS as well as participating in certification and surveillance audits. In addition, the Specialist is involved in supporting the readiness of entities where ISO 27001 certification could benefit.
Your key responsibilities
• Support and / or lead all aspects of the ISMS audit life cycle
• Build and maintain local relationships within different geographic locations
• Work with stakeholders to produce ISMS status reports regularly
• Work with stakeholders to document corrective actions, track remediation and report progress
• Work closely with local area contacts to identify information security control processes and associated ownership
• Understand and be able to implement all aspects of the ISO 27001:2013 standard
• Create and maintain ISMS documentation specific to each implementation
• Work with local area contacts and management for risk treatment and acceptance
To qualify for the role you must have
Degree at university level
English language skills - excellent written and verbal communication
At least 3 years of hands on experience in Information Security Framework Management area
In-depth familiarity with the ISO 27001:2013 standard as well as the ISO 27000 family of standards Ability to scope, conduct and analyze audits based on controls frameworks
Experience and knowledge with ISO 27001:2013 implementations, citing specific roles and responsibilities
Experience in conducting on-site audits and managing the entire lifecycle for risk treatment and corrective action plans
Excellent verbal and written communication skills
Who we look for?
We love working with people who are passionate about their job and have amazing skills in their area a think that: you’re an expert in the field with highly developed business and interpersonal skills, you’re always ready to face new professional challenges, you’re a person with a great sense of humor and you’re open to cross-border experiences; it’s a role for you.
What EY GDS offers?
Work in prestigious, stable company
Contact of employment
Participating in interesting projects
Work in a professional, dynamic, truly global team
Development opportunities in international multilingual environment
Business trips support
Water, tea, coffee, sugar, milk without limit plus fresh juice twice a week and fruit once a week
Wellness & Spa programme
Modern office space near market square
Home office up to 3 days
If you feel that the role suits your personal goals and career path, please send us your current resume.
Join us in building a better working world. Apply now.