Companies you'll love to work for

Senior Information Security Analyst

Duco

Duco

IT
Wrocław, Poland
Posted on Thursday, May 30, 2024

About Us

Duco is making waves! Businesses in the digital economy succeed or fail based on their ability to deal with masses of data and complexity quickly and efficiently, and many of the world’s leading companies trust Duco with the management of their complex, mission-critical data. Duco brings together data quality, reconciliation, data prep and management in one agile, cloud-based platform.

Headquartered in London, with offices in New York, Boston, Wroclaw, Singapore, and Antwerp. Duco serves clients across the globe. Our customers include over 15 of the largest global international banks as well as brokers, exchanges, asset managers, hedge funds, administrators, service providers and corporates.

About the role
We are looking for an experienced Information Security Analyst in the GRC (Governance, Risk, and Compliance) space to support both our internal departments and external stakeholders to ensure maintaining the trust and integrity of the organisation's digital infrastructure and staying compliant with all relevant regulations. Working closely with the Head of Information Security, you will be integral in shaping the future of InfoSec within Duco.

This role will be primarily based in our Wroclaw office, with the ability to work remotely at times.

What you will be working on:

  • Lead the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices
  • Lead 3rd party due diligence activities
  • Lead the response to client Information Security inquiries and questionnaires
  • Curate and maintain Duco’s Information Security knowledge base in support of Duco Customer Success and Pre-Sales teams
  • Provide an initial point of contact and triage for Information Security requests from across the business
  • Lead on Regulatory compliance, including DORA, Cyber Resiliency and AI regulation
  • Collaborate with engineering teams to build out a security knowledge base
  • Develop and maintain security KRIs and KPIs
  • Provide Information Security advice and guidance
  • Maintain an awareness of the existing and emerging threat landscape
  • Work closely with colleagues across the business to promote a strong Information Security culture and ensure compliance with Information Security policies and procedures
  • Support maintenance and compliance of our ISO27001 and SOC1/2 accreditation
  • Support Information Security risk assessments across the technology stack and at physical locations

Ideally, you will have:

  • 6 years of previous experience in Information Security in a role with similar responsibilities
  • Previous experience with managing 3rd party due diligence and risk
  • Previous experience conducting Information Security assessments
  • Previous experience maintaining an established Information Security Management System (ISMS)
  • Previous experience with Information Security risk management and incident management
  • Previous experience maintaining accreditations such as ISO27001, SOC1 and SOC2
  • Extensive knowledge of cloud computing environments, container-based technologies, and associated security controls and standards
  • Knowledge of Google Workspace, JIRA, and Confluence
  • Ability to work in a fast-paced and collaborative environment where you may be responsible for developing novel solutions
  • Proficiency in delivery, stakeholder management, reporting, and risk and issue management

Our benefits:

  • A starting annual salary in the range of PLN 226 000 - 280 000 gross annually, aligned to your skills and experience. Reviewed annually
  • Private medical care packages: individual, partner, or family
  • Multisport card
  • Life insurance package
  • A success-sharing bonus scheme, so we recognise and reward your effort
  • 600 PLN annual allowance to help you make the best of your home working environment
  • Unlimited annual holiday, because we trust our people to manage their own time off
  • Flexibility around working hours, as long as you’re delivering what’s needed
  • Flexible working policy, including work-from-home opportunities
  • Opportunity to work abroad for up to 6 weeks per country per year
  • Enhanced family leave provisions
  • Personal learning and development opportunities (annual dedicated budget)
  • Referral bonus if we hire someone great who you’ve recommended to us
  • An Employee Equity Purchase Scheme, so you have a personal investment in the success of the company
  • Employee of the Month and Employee of the Year awards
  • 4 Volunteering days off that can be used flexibly based on the employee’s choice of initiative

Want to do a little more research before you apply?

Head over to our Glassdoor page to learn about our benefits, culture and to find out what our team thinks about life at Duco. You can also find out more about us on LinkedIn.

Disclaimer

Because we are committed to inclusivity, we strive to provide equitable opportunities for everyone. If you require accommodation during the recruitment process, please let us know at talent@du.co. Include your contact information, the role you're applying for, and how we can accommodate you.

During the interview process and after hire, Duco does not discriminate on the basis of race, color, gender or gender expression, sexual orientation, marital or pregnancy status, national origin, age, disability, religion or creed, socioeconomic background or status, size, or any other protected characteristic.