O poziciji

Do you want to join a growing team of top professionals who invest time and effort into teaching, career growth, and cultivating employees into the next generation of IT experts? You've come to the right place. Span is a Croatian IT company with a global reach specializing in high-quality information systems design and management services, as well as tech support for customers and enterprises. We're constantly improving, advancing, and adopting new trends, new skills, and new expertise, giving our employees virtually endless opportunities for professional development.

As a result of higher demand and new growing businesses as well as customer requests in the fields of Governance, Risks and Compliance, we are looking for new members to join us. Depending on the background, interests, and prior experiences, our GRC colleagues are pursuing three distinct career paths. We are ready to support your growth along the selected path if you choose to focus more intently on any one of the three areas.

The GRC department covers different topics regarding ISO standards and related best practices, but also existing laws and regulations which are related to information security, as well as development and improvement of business processes. This means cooperation with our technical teams to design and implement the best solutions related to information security.

We work on domestic and international projects which also means interaction and learning from various international experts in the fields of governance, risk, and compliance. Projects are diverse and require constant research and learning, creativity as well as proactivity.

What you'll do:

• Collaborating with key stakeholders to examine business processes and existing information security practices
• Collecting and assessing customer needs in terms of data governance and data security. Align it with best practices, and applicable regulatory frameworks
• Drafting and developing the information security rules and procedures that are agreed with the key stakeholders
• Presenting different information security, compliance and risk related topics to key stakeholders

What we expect:

• 3 years of working experience
• Understanding IT processes and methodologies
• Active knowledge of English (written and spoken)
• High motivation to work in accordance with security principles and best practices
• Excellent written and verbal communication skills
• Willingness to learn

Skills that will bring you extra points:

• Working experience within IT field
• Working experience in information security, internal audit, risk management
• Professional certificates (e.g., ISO 27001 Lead Auditor, CISA, CRISC)

What's in it for you:

• Competitive salary according to your experience
• A business phone of your choice
• InHouse testing center- we are giving you an option of gaining professional certificates
• Mentor - no matter how much experience you've got, we will provide you with an adequate mentor
• Regular feedback on your performance and personalized career development plan
• Possibility to earn different types of bonuses
• Subvention of Multisport card or PassSport- not only brain workout is important
• Minimum of 25 vacation days
• Complete health checks- adjusted for men and women
• Psychological counseling- we care about your well-being
• Lunch and transportation compensations
• Benefits for children of employees