Senior Security Specialist ensuring compliance and security measures at Disney. Supporting audit processes and collaborating on risk assessments to enhance cybersecurity.
About the role
- Information Security Director leading the strategic vision in cybersecurity for Bragg. Managing risk and compliance in a fast-paced international environment from Ljubljana.
Responsibilities
- Develop, implement, and maintain the company-wide information security strategy, vision, and roadmap.
- Lead the identification, analysis, and evaluation of security risks, approving risk treatment plans and mitigation strategies.
- Report on the organization's security posture and risk assessment findings to executive management.
- Establish, manage, and optimize the information security budget, allocating resources effectively for key security initiatives.
- Ensure and maintain compliance with major legal (e.g., GDPR) and regulatory frameworks (e.g., ISO 27001, SOC2).
- Oversee the execution of security awareness programs, fostering and promoting a "security-first" culture throughout the organization.
- Lead the strategic response to major security incidents and breaches, focusing on effective crisis communication and minimizing business impact.
- Govern the security approval process for new tools and vendors, and provide strategic input into the change management policy.
- Lead and coordinate internal and external security audits, ensuring all requirements are met and non-conformities are addressed.
- Stay up to date with the latest security threats, evaluate emerging security strategies, and maintain industry leadership.
Requirements
- 8+ years of experience in information security, with at least 3-5 years in a security leadership or strategic role.
- Deep knowledge and practical experience in developing strategies and governing frameworks like ISO 27001 and SOC.
- Proven experience in developing security strategy, managing enterprise risk, and security budget management.
- Hands-on experience in leading complex security incident response and crisis management.
- Exceptional communication and presentation skills, with the ability to articulate complex security risks to non-technical executive stakeholders.
- A proactive and strategic mindset and the ability to lead a team or work independently as needed.
- Self-driven, energetic, and hands-on, with a "can do, get it done" mindset.
- Strong ability to prioritize and manage several strategic initiatives simultaneously.
- Bonus points if you hold security certifications (e.g., CISSP, CISM, CISA).
- You have experience working in big enterprise environments and software development industry.
Benefits
- Competitive compensation (based on your experience).
- Hybrid work model.
- 30 days annual leave.
- Educational learning opportunities to support each employee's professional growth journey.
- Sports activities, team building, and informal gatherings.
- Free drinks, fruit, and ice cream.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Risk Analyst supporting Keyloop’s Security Governance by managing information security risks. Identifying and monitoring risks while ensuring compliance with regulatory standards.
Cloud Security Engineer responsible for designing and implementing security controls for cloud environments at Keyloop. Ensuring secure adoption and compliance while working with platform and engineering teams.
IT Infrastructure & Security Engineer managing and developing network and server infrastructure at L - mobile. Collaborating on security measures and supporting internal audits in a hybrid role.
Ingénieur sécurité des procédés en alternance chez Arkema. Conception de e - learning et développement d’outils pour évaluer les risques industriels.
Cyber Security Consultant to deliver Wanstor’s security offerings and improve customer Cyber Security and Data Security. Involves consulting, implementation, and oversight of security measures.
Senior Manager in IT - Strategieberatung for Defense & Security, developing client relationships and growth strategies. Leading IT transformation projects in security - critical organizations.
Information Security Expert overseeing ISMS development and IT security compliance in Germany. Collaborates with management and leads regulatory requirements implementation.
IT Professional responsible for implementing innovative industrial IT solutions. Working in an agile environment while ensuring IT and OT security for production networks.
Security Compliance Specialist enhancing cybersecurity and compliance framework at Trezor. Collaborating across teams to shape security and compliance operations in the tech sector.