Plus
Включить Plus
Назад
Company hidden
1 месяц назад

Information Security Analyst (Cybersecurity)

Формат работы
remote (только Croatia)
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
Croatia
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Information Security Analyst (Cybersecurity): Managing security compliance and GRC operations for a hospitality revenue management platform with an accent on SOC 2 and ISO 27001 evidence collection. Focus on automating governance via Vanta, coordinating access reviews, and supporting AI governance alignment.

Location: Remote (Croatia)

Company

hirify.global is a leading hospitality revenue management platform providing an AI-driven Revenue & Profit Operating System for hotels, resorts, and casinos worldwide.

What you will do

  • Administer the Vanta GRC platform to collect and maintain SOC 2 Type 2 evidence across IT, Engineering, HR, and Legal.
  • Coordinate access reviews for production systems, cloud platforms, SaaS tools, and privileged accounts.
  • Maintain the governance policy inventory, risk register, and risk treatment tracker.
  • Perform vendor security assessments, manage questionnaires, and track penetration test remediation.
  • Draft and maintain approved responses for RFPs, sales questionnaires, and customer trust materials.
  • Coordinate phishing simulations, security awareness training, and compliance reporting.

Requirements

  • 2–4+ years of experience in security GRC, IT audit, compliance, or risk management.
  • Must be based in Croatia.
  • Familiarity with SOC 2, ISO 27001, NIST CSF, and audit evidence collection.
  • Experience using Vanta or a comparable GRC/compliance platform.
  • Strong written communication skills for drafting policies and RFP responses.
  • Ability to collaborate with technical teams to understand security evidence in context.

Nice to have

  • Experience working within SaaS environments.
  • Familiarity with AWS evidence, MDM, endpoint security, and vulnerability management.
  • Basic understanding of GDPR, DPA, DTIA, DPF, and subprocessor management.

Culture & Benefits

  • High-visibility role where compliance work directly enables enterprise deals and customer trust.
  • Cross-functional exposure across Engineering, IT, Legal, HR, and Sales.
  • AI-first organization investing in AI governance alignment under ISO 42001.
  • Opportunity to shape a new role and build security processes from the ground up.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →