We are currently looking for a Security Compliance Specialist to join our Security & Compliance team located in Prague and Brno. The team is responsible for developing the security strategy of GoodData, driving its execution across the business, and providing assurance activities to increase the effectiveness.

What will you do?

• Prepare and execute annual audit plan.

• Execute internal audits across the whole organization in line with the approved plan.

• Define and implement improvements and automation to the audit tasks.

• Provide audit reports to business departments, the Security & Compliance team, and to the Security Council.

• Define appropriate control mechanisms, assess their effectiveness and efficiency, and flag potential risks.

• Control timely delivery on dedicated activities on projects, raise red flags when delivery is not on time, cost or quality is at risk, and propose actions to mitigate the impact.

• Report findings and ensure corrective and preventive actions are defined and implemented.

• Work with business management to define, assign, and manage follow-ups to audit findings.

• Orchestrate external audits (typically SOC 2), and ensure that relevant meetings are conducted, information delivered, and requested evidence provided.

• Own vendor management activities from a security & compliance perspective.

• Own customer compliance documentation composition and delivery and manage its timely execution.

• Participate on privacy compliance, coordinate its operations, and maintain the documentation, including ensuring its completeness and relevance.

• Translate security and/or compliance requirements into the language of GD and of the counterparty of the discussion.

About you

• Between 2 and 5 years of experience in internal or external audits, focus on IT and information security.

• Knowledge of information security standards (One or more from SOC 2 / ISO 27001 / SOX desirable, other standards like HIPAA or PCI-DSS are a strong advantage).

• At least a high-level understanding of security technologies (firewalls, IAM, log management, vulnerability scanners etc.).

• At least a high-level understanding of cloud / SaaS specifics.

• Knowledge of Agile methodologies; experience with DevOps is a plus.

• Experience with working in a regulated environment is a plus.

• Excellent written and spoken English.

• Analytical skills, ability to pair process and technology risks to business exposure.

• Organized and autonomous, able to work independently.

• Great communication skills.

• Ability to operate both on business and technical levels, across departments and management levels.

About GoodData

GoodData powers modern BI for the modern data stack.

GoodData is a cloud-based analytics platform. Employees, customers, and business partners will understand the data in the same way thanks to GoodData’s robust end-to-end pipeline; self-service analytics; low-code/no-code interfaces; embeddable data visualization; application integration; and more.

Benefits & Perks