Sofia, Bulgaria | Full Time
Do you want to work at the forefront of technologies?
HeleCloud™ is a fast-growing technology consultancy and managed services business focused on the AWS platform. We take our clients on a complete journey into the Cloud and work closely with businesses to develop a Cloud roadmap, ensuring that their transition into the Cloud is smooth, secure, and adds value to the organisation. We don’t just stop at making technology work for our clients, we ensure that their teams also understand the Cloud as well as we do and can make the most of it. We operate across EMEA with offices in the Netherlands, UK and Bulgaria. We are expanding our teams with an Information Security Officer.
We are a bunch of cloud and automation enthusiasts helping customers benefit from using the cloud. You will be part of the broader Managed Services organization but working for HeleCloud as a customer. Apart from yourself, there will be 1-2 other people handling internal support. Anyone working on internal HeleCloud maintenance can transition to handling AWS customer work as their next career step.
We live and breathe IaC so we have a close relationship with Terraform, Ansible, Python, and bash and a slightly more distant relationship with CloudFormation and PowerShell. We use the Atlassian Stack for ticket, source code, and documentation management.
Our customers have either just migrated to the cloud or have used it for a few years already. In both cases, we are their partners in the cloud journey, helping them achieve reliable, immutable, secure, and cost-efficient infrastructure. This means more than half of our time is spent making changes -from simple IP whitelists to CI/CD pipeline modifications. We rely on ITIL for change management to ensure we avoid incidents, but we don’t follow the framework by the book. We have regular calls with customers to prioritise backlog items and discuss improvement initiatives.
We are looking for someone to take ownership of our internal Security and Compliance. If this is you, your job would be to:
- Drive the continuous improvement of internal security and compliance policies and procedures for all internal systems (Atlassian, AWS, Office365, etc.)
- Lead the Information Security Office in HeleCloud by developing the company’s IT security strategy and managing its execution
- Lead HeleCloud’s compliance and security audits and maintain a continuous ISO27001 and GDPR compliance
- Ensure effective information security training programs are in place to increase awareness
- Assist in pre-sales efforts where internal security and compliance information is being requested
- Own the Security Incident Response by leading and coordinating the investigation and remediation, as well as the post-mortem analysis;
- Lead the ongoing Single Sign-On project.
- Experience in information or cybersecurity role;
- Knowledge and experience in information security principles, algorithms, protocols, technologies and their best practices supporting encryption, authentication, access control, information systems attack patterns, intrusion detection and prevention, web and network security, DLP, vulnerabilities and patch management, etc.;
- Strong communication skills and ability to collaborate effectively with other departments;
- Good understanding of security monitoring, correlations, and analysis;
- А can-do attitude;
- Understanding of BCP and DR;
- One or more of the following certificates will be considered a plus: CISM, CISSP, GIAC;
- Excellent analytical and problem-solving abilities to identify security risks and propose solutions to fix them;
- Fluent English (written and spoken).