Security Compliance Specialist

Amusnet crafts advanced online gaming software and solutions which power 1500+ operators worldwide in more than 30 jurisdictions. The company is constantly expanding by enriching its portfolio of 260+ games. All this is possible due to its motivated team of more than 700 people. Our team is growing and we are looking for an Information Security Compliance Analyst to join our Information Security Team!

The Information Security Compliance Analyst will be responsible for coordinating Governance, Risk, and Compliance activities to mitigate and manage risks and meet compliance and audit goals. This individual will be a part of the Information Security Department`s Governance, Risk, and Compliance team. The role will help continue to develop and mature the GRC program & processes based on industry best practices, including Controls Management, Audit Management, Risk Oversight, Issues & Exceptions Management, and Policy Management. If you have critical thinking and the ability to represent data in graphical form, you can be the perfect fit.

The Perfect Team Member Is Inspired To: 

• Ensure company-wide strategic alignment of information and cybersecurity with company goals and objectives.
• Act as a subject matter expert for the development, documentation and maintenance of policies, procedures, and standards across the organization, related to Information Security and Data Protection, part of the Global Information Security Management System (ISMS).
• Be an Information Security Compliance Champion in promoting and developing awareness of different information security best practices across the company.
• Assist with the development of Governance, Risk, and Compliance (GRC) related newsletters and training.
• Provide security advice and support IT and security risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
• Drive remediation activities from identification, remediation plan and closure. Hold owners accountable to delivery of remediation solutions within the agreed upon/reasonable SLA.
• Manage and support audit engagements and the continuation of ISO 27001 certifications.
• Coordinate and organize evidence for external and internal audit support; manage the control and process libraries (evidence) and assist the business in implementing security controls.
• Facilitate and manage information security related assessments conducted by third parties.
• Identify and report on gaps related to information security and compliance and other tasks to support the group’s underlying data and information security processes, infrastructure and ensuring measures are fit for purpose and scaled to deliver an appropriate level of protection. Working with various operational and business teams to drive toward a cohesive view of security risk and drive remediation items to closure.
• Maintain a close relationship with the providers of any outsourced contracts for services such as annual audits or other 3rd party contracts.

The Skills That Will Grab Our Attention:

• Information security or compliance experience with a proven ability to engage confidently with Senior Management and staff from all other departments.
• Someone who is highly organized, reliable, flexible and has exceptional attention to detail.
• Experience working in security standards and assessments including gathering evidence for audits and gap analysis.
• Deep knowledge of the laws, regulations, and standards relating to information security risk management, policy management, certifications (SOC 2, PCI, ISO 27001, NIST 800-53).
• Governance experience – organizing meetings/training, writing agendas, taking minutes, managing action logs.
• Experience in cloud technologies.
• A solid understanding of data management plus data and information security, including working knowledge of latest trends and technologies.
• Information security management qualifications or similar.
• Professional security, privacy and risk certifications such as CISSP, CRISC, CISA, CISM, CSX-P, CDPSE, CIPP would be a plus.
• Holds an active security clearance.
• Consultancy experience and/or demonstrable experience of providing support to various teams and stakeholders.
• Bachelor’s Degree, Information Systems, Computer Science, Information Security or similar