+ 4+ years in IT security and compliance
+ Extensive, practice-based knowledge of security management frameworks, such as SOC2, ISO 27k, GDPR, NIST.
+ Proven track record of IT security audits/projects implementation
+ Ability to develop information security policies, setup ISMS and guidelines;
+ Good knowledge of risk management, its purpose, and approaches. Ability to evaluate risks and create a risks management plan
+ Understanding OWASP Top 10 and OWASP ASVS frameworks. Ability to describe vulnerabilities, ways of exploitations, and fix methods
+ Understanding and implementing vulnerability & patch management. Knowledge in vulnerability scanners.
+ Ability to validate scan results and provide recommendations
+ Ability to develop and conduct security trainings and workshops
+ Good level of professional English (at least Upper-Intermediate)
+ Good communication skills, responsible, initiative, self-organized, eagerness to learn
Joining us will let you enjoy:
+ Rapid self-development and learning
+ Working with the latest technologies
+ Work laptop
+ Paid vacation leaves and sick leaves
+ Challenging tasks from day 1
+ Young, smart, friendly Team to help you rise to the challenges
This position will also include:
+ Equity in the company
+ Opportunity to work in an internationally established startup that has already raised Venture Capital
If you are looking for the adventure of a lifetime and are interested in this opportunity, please send the following information:
2) Link to the LinkedIn profile
* Lead Shelf’s Cybersecurity program and define security policies
* Ensure continuous SOC2 type II compliance
* Assist sales and customer success teams with customer due diligence, such as answering compliance questionnaires or security-related RFP questions
* Coordinate external security vendors, such as for external penetration tests
* Evaluate and manage corporate risks related to IT security
* Implement security strategy & roadmap
* Prepare and document standard operating procedures and protocols
* Cooperation and communication with employees, top management and customers for all security-related topics (audits, risk assessments, estimating impact for critical security events, other security-related issues etc.)
* Work with engineering on monitoring adherence to safe coding principles
* Keeping up to date with developments in IT security standards and threats
Shelf is a distributed software development company that applies technology to the problem of organizing knowledge for contact centers. By applying AI and data analysis, Shelf helps companies organize large quantities of unstructured knowledge regardless of its format, including text, audio, video, etc. Shelf’s approach to centralized knowledge ensures that the information customers get from agents or platforms is always consistent and accurate.
We believe our AI-led vision can empower the betterment of the workforce by solving massive training and knowledge gaps in the modern economy. It’s our mission to give new employees access to the knowledge of a veteran on Day 1, reducing stress and enabling success.
Team and roles>
We are building a team of individuals that are both strong team players and outstanding individual contributors. There’s no micromanagement — you will have all the trust and freedom as long as you do your job right.
An ideal candidate should always be up for the challenge, ready to work hard and make a difference every day. You will be responsible for the success of our customers and, ultimately, the success of the company.
This is a unique opportunity to apply your skills and creativity to help a cutting-edge tech company expand globally.
P.S. Check out our outstanding tech stack here stackshare.io/shelf/shelf