Information Security Officer/Specialist

At SPD Technology, we bring together a team of like-minded people who are driven by the desire to bring value through their work, united in their commitment to high performance and delivering custom, cutting-edge tech solutions that drive clients’ growth. We empower our people with a culture of excellence and enable them with the opportunity to uphold their accountability to contribute on each level. We value humanity and collaboration, encourage professional and personal growth, and foster a supportive and flexible work environment where everyone’s contribution is welcomed. About the role The Information Security Officer/Specialist will play a critical role in establishing and maintaining our Information Security Management System (ISMS) to achieve and maintain ISO 27001 certification. This individual will be responsible for developing, implementing, and enforcing security policies and procedures, conducting internal and external audits, mitigating security risks, and providing expert consultation on various compliance standards, including GDPR, CCPA, PCI DSS, and SOC. As a qualified expert, You will be responsible for ISO 27001 Compliance Develop, implement, and maintain the company’s ISMS to comply with the latest ISO 27001 standard requirements. Ensure continuous improvement of the ISMS and prepare for and manage ISO 27001 certification audits. Organize and maintain all necessary documentation and processes required to successfully achieve and maintain ISO 27001 certification. Maintain up-to-date knowledge of ISO 27001 standards and best practices. Security Policies and Procedures Develop, document, and enforce security policies, procedures, and guidelines. Conduct regular reviews and updates of security policies and procedures to address evolving threats and compliance requirements. Provide security awareness training to employees. Security Audits Plan, conduct, and document internal and external security audits. Identify and report security vulnerabilities and non-conformities. Develop and implement corrective actions to address audit findings. Conduct comprehensive risk assessments to identify and evaluate security risks. Develop and implement risk mitigation strategies. Monitor and report on security risks and vulnerabilities. Compliance Consultation Provide expert consultation and guidance on GDPR, CCPA, PCI DSS, and SOC compliance. Assist in the implementation of compliance requirements and ensure ongoing adherence. Stay abreast of changes in relevant regulations and standards. Assist with incident response planning and execution. Assist with security incident investigations and reporting. Assist with security-related vendor due diligence. Assist with security-related vendor management. We’re looking for you if you have Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field. Minimum 3-5 years of experience in information security, compliance, or risk management. Hands‑on experience with ISO 27001 implementation and certification. Experience conducting internal and external audits. Excellent communication and teamwork abilities. English — upper‑intermediate (B2 and above). Bonus Points CISSP, CISM, CISA, or equivalent security certifications Interview Process Interview with a recruiter (up to 45 minutes) Interview with Manager (up to 1.5 hours) What’s in it for You Reveal great tech solutions Join the team of individuals who care about what they do and how they do it, and are accountable for the result and high performance. Unleash your potential, tackle new challenges, and be part of a team that values your skills and contributions. Experience an agile and flexible working environment Work from our office hubs or in a hybrid work model. Enjoy 20 business days of paid vacation, unlimited sick leave, 4 days of emergency leave. Feel cared about Prioritize your well‑being with a medical insurance yearly budget / financial reimbursement of expenses on medical services outside Ukraine. Get compensation for sports, equipment, massage, and rehabilitation, along with access to our well‑being program, corporate loan, and tax and legal support. Embrace the opportunity for personal and professional growth Take advantage of individual learning and certification budget, career paths and personal development plans, company‑wide tech and cultural events, educational leave, language courses, access to our corporate library, and more. Embrace the opportunity to innovate with us About SPD Technology SPD Technology is a custom software product development and IT consulting company with extensive expertise in various industries, including fintech, e-commerce, logistics, insurance, biotech, cybersecurity, and more. Our world‑class team of over 650 experts develop web, mobile, AI/ML, and enterprise solutions for world‑renowned companies, including Fortune 500 firms and emerging startups. We have 2 development centers in Europe, a representative office in London, the U.K., and remote teams, working worldwide. With over 19 years of experience in designing, building, streamlining, and supporting software products, SPD Technology drives growth of businesses from the US, the U.K., Israel, Switzerland, Mexico, and other countries. #J-18808-Ljbffr