Information Security Consultant

Zagreb, Croatia

Span is a Croatian IT company with a global reach specializing in high-quality information systems design and management services, as well as tech support for customers and enterprises. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees virtually endless opportunities for professional development.

As a result of higher demand and new growing businesses as well as customer requests in the fields of Governance, Risks and Compliance, we are looking for new members to join us. Depending on the background, interests, and prior experiences, our GRC colleagues are pursuing three distinct career paths. We are ready to support your growth along the selected path if you choose to focus more intently on any one of the three areas.

GRC department covers different topics regarding ISO standards and related best practices, but also existing laws and regulations which are related to information security, as well as development and improvement of business processes. This means cooperation with our technical teams to design and implement the best solutions related to information security.

We work on domestic and international projects which also means interaction and learning from various international experts in the fields of governance, risk, and compliance.

Projects are diverse and require constant research and learning, creativity as well as proactivity.

What you'll do:

Collaborating with key stakeholders to examine business processes and existing information security practices
Collecting and assessing customer needs in terms of data governance and data security. Align it with best practices, and applicable regulatory frameworks
Drafting and developing the information security rules and procedures that are agreed with the key stakeholders
Presenting different information security, compliance and risk related topics to key stakeholders

We could be a perfect fit if you are:

Approaching activities in a planned and organized manner, focused on essentials and working quickly and efficiently
Showing a strong desire for constant career development and gaining experience
Inclined to innovate, always trying out different approaches and looking for new, better and more efficient ways of working
Appreciating and accepting differences, respecting other people and their opinions and ideas and readily giving them yourself

What we expect:

3 years of working experience
Understanding IT processes and methodologies
Active knowledge of English (written and spoken)
High motivation to work in accordance with security principles and best practices
Excellent written and verbal communication skills
Willingness to learn

Skills that will bring you extra points:

Working experience within IT field
Working experience in information security, internal audit, risk management
Professional certificates (e.g., ISO 27001 Lead Auditor, CISA, CRISC)

What's in it for you:

Competitive salary according to your experience
A business phone of your choice
InHouse testing center- we are giving you an option of gaining professional certificates
Mentor - no matter how much experience you've got, we will provide you with an adequate mentor
Regular feedback on your performance and personalized career development plan
Possibility to earn different types of bonuses
Subvention of Multisport card- not only brain workout is important
Minimum of 25 vacation days
Complete health checks- adjusted for men and women
Free psychological counseling- we care about your well-being
Lunch and transportation compensations
Benefits for children of employees

Job location: Zagreb