Security Specialist
Join SOFTSWISS as a Security Specialist and be part of our exciting journey! We are searching for someone who not only has the expertise but also resonates with our culture and values.
Overview:
We are looking for a proactive and process-oriented Security GRC Specialist to join our Security Governance, Risk, and Compliance team. In this role, you will help strengthen the organization's security governance framework by supporting security reviews, risk assessments, policy development, and security initiatives across the company.
Purpose of the role:
You will work closely with Engineering, IT, Legal, HR, and business stakeholders to ensure security requirements are embedded into business processes and projects. A key part of the role includes driving Security Awareness initiatives to foster a strong security culture, alongside broader Governance, Risk, and Compliance activities.
As the Security GRC function continues to evolve, you will have the opportunity to contribute to Security by Design, third-party security assessments, process automation, and continuous improvement of the company's security governance.
This position is ideal for someone who enjoys combining governance, process improvement, stakeholder collaboration, and practical information security.
Key responsibilities:
Perform Security Reviews for internal projects, business initiatives, and technology changes.
Conduct Vendor Security Assessments and support third-party risk management activities.
Participate in Security by Design reviews by identifying security risks and defining security requirements early in the project lifecycle.
Develop, review, and maintain security policies, standards, guidelines, and governance documentation.
Support Governance, Risk, and Compliance initiatives, including risk assessments, control implementation, and security process improvements.
Plan, coordinate, and continuously improve Security Awareness initiatives, including employee training and phishing simulation campaigns.
Measure the effectiveness of security awareness activities through reporting, metrics, and recommendations for improvement.
Support the Security Disciplinary Framework and other governance-related processes.
Identify opportunities to automate and optimize Security GRC processes, reporting, and operational workflows.
Collaborate with cross-functional stakeholders to improve the organization's overall security posture and security maturity.
We are looking for someone who:
Has a genuine interest in Information Security and Security Governance.
Enjoys improving and optimizing business processes.
Demonstrates strong analytical and problem-solving skills.
Communicates effectively with both technical and non-technical stakeholders.
Is detail-oriented, proactive, and well-organized.
Enjoys driving initiatives and collaborating across teams.
Is interested in automation and continuous process improvement.
Required experience:
1–3 years of experience in Information Security, Security GRC, IT Governance, Risk Management, Compliance, Security Operations, or a related field.
Experience conducting security assessments, security reviews, or vendor security assessments.
Experience developing security policies, standards, procedures, or governance documentation.
Experience planning or supporting Security Awareness programs, phishing simulations, or security training initiatives.
Experience with reporting and analytics tools.
Basic scripting or workflow automation skills.
Experience with Jira, Confluence, Google Workspace, or similar collaboration platforms.
Familiarity with AI tools (ChatGPT, Gemini, Claude, etc.) to improve documentation, research, and operational efficiency.
Our Benefits:
Private health insurance
Sports benefits
Comprehensive Mental Health Program
Free English lessons (online)
Local language courses
Paid time off
Maternity leave support
Referral program rewards
Upskilling, internal workshops, and participation in professional conferences and corporate events
- Department
- Security
- Role
- Security Specialist
- Locations
- Poznan, Poland, Warsaw, Poland
- Remote status
- Fully Remote
- Employment type
- Full-time