Security & Compliance Engineer

This is a fully remote position, open to applicants in Czechia.

📋 Description

• Assist in the ongoing enhancement of the Information Security Management System (ISMS), encompassing compliance initiatives, audit preparations, evidence gathering, risk monitoring, and follow-up on remediation efforts.

• Convert security and compliance requirements into actionable technical controls and assess their effectiveness.

• Deploy and manage essential security measures within the Microsoft/Entra environment, such as Multi-Factor Authentication (MFA), Conditional Access, role-based access, privileged access management, access reviews, endpoint security, and system hardening.

• Oversee operational security functions including Cyber Defence Center investigations, vulnerability and patch management, incident response, backup and restore security, ransomware preparedness, and evidence of restore tests.

• Embed security within IT operations, change and release processes, and service management, while reporting on the security posture using relevant Key Performance Indicators (KPIs) like MFA coverage, device compliance, patch status, critical risk assessments, and success rates of restore tests.

⛳️ Requirements

• Practical experience in IT security, M365/Entra administration, endpoint management, IT operations, or a similar technical position.

• Strong understanding of Microsoft security principles, particularly in identity and access management, endpoint security, and cloud security.

• Basic to thorough knowledge of ISO 27001 principles, including risk-based controls, policies, evidence management, and audit preparedness.

• Technical expertise across various domains such as Identity and Access Management (IAM), endpoint security, secure access, vulnerability management, logging/SIEM, or backup and recovery.

• A proactive, organized, and practical approach to work, with the capacity to document effectively, communicate across IT and business units, and see tasks through to completion.

🏝️ Benefits

• Health insurance

• Professional development

• Flexible work arrangements