Information Security Specialist

Who are we?

Codility is the #1 rated technical hiring platform. Our mission is to enable engineering teams to make accurate and fair hiring decisions efficiently. Codility is partnering with innovative companies like Microsoft, Amazon and PayPal to help them build and grow diverse, high-performing engineering teams through our CodeCheck platform to screen candidate skills; CodeLive to host technical interviews; and CodeChallenges for recruitment marketing. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us get there.

By joining Codility, you will have the unique opportunity to impact the HR tech stacks of high growth to enterprise companies and drive a new shift in how world class engineering teams are built. Today, Codility powers 1,500+ businesses in 63 countries; facilitates 50,000+ candidate evaluations monthly; and has evaluated over 12 million engineers and counting.

Why Codility needs you.

We are growing at warp speed. Every innovative company in the world is looking to attract and hire the best developer talent and do it in a fast, easy, and efficient way. As the leader in technical hiring, we help recruiters and engineering teams save time and win in the war for talent by focusing their attention on the best technical candidates.

To do this, we are seeking an Information Security Specialist to own the security process and procedures workflow. 

What you will do.

• Identify, assess, document, and articulate all types of data security and data privacy risks in addition to appropriate countermeasures and controls to address data security and data privacy concerns.
• Participate in audits (ISO 27001 and SOC2) of cyber programs and projects. 
• Track audit findings and recommendations to ensure appropriate mitigation actions are taken.
• Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment.
• Create, review, and update security policies, procedures, standards and guidelines.
• Ensure that applications used in Codility meet security requirements.
• Drive secure coding training and evangelize secure coding best practices.
• Make recommendations for necessary changes to our security controls to address emerging security threats.
• Build and manage relationships with a wide network of local business and IT front-line and senior stakeholders.

We would love if you have.

• Familiarity with ISO 27001/27002/SOC 2 and their associated common controls
• Previous experience with Information Security Risk Management principles
• Experience performing vendor risk assessments
• Knowledge of data privacy regulations such as GDPR and CCPA
• An understanding of cloud computing concepts (PaaS, IaaS, and SaaS)
• Familiarity with SDLC principles
• Working experience with one or more GRC tools (ex. OneTrust, RSA Archer, Zen GRC, etc.)
• Experience with change management tools (Jira, GitHub, etc.), a plus
• CISA or CISM certification, a plus

What we offer.

• A progressive remote first culture with a strong compensation plan.
• Employee Stock Ownership Plan that gives everyone interest in the company.
• Amazing benefits to include:
• 27 days of PTO
• 4 mental health days
• Incredible health, dental, and vision
• Monthly Health & Wellness budget 
• Yearly Personal Development budget

DISCLAIMER:

At Codility, we know that great work isn’t done without a phenomenal team. We are always looking to hire the absolute best talent and recognize that diversity in our experiences and backgrounds is what makes us stronger. We insist on an inclusive culture where everyone feels safe to contribute and help us innovate. We hire candidates of any race, color, ancestry, religion, national origin, sexual orientation, gender identity, age, marital or family status, disability, or veteran status. These differences are what enable us to work towards the future we envision for ourselves, our product, our customers, and our world.