Security Compliance and Risk Analyst - EMEA
Merkle Bulgaria provides global retailers with a single source for expertise, technology, and operational support. We have a proven track record for delivering, managing, and innovating multi-channel commerce platforms for major international brands and retailers including Adidas, Clarins, ASDA. Shiseido, Birkenstock, La Prairie, and more. Our world-class team has delivered sites for over 35 brands with more than 400 transactional eCommerce sites in 60 locations and on 6 continents.
As part of a global expansion strategy, the company has set up a key Sofia technology team of Software Architects, Software Developers, QA Engineers, Project Managers, and Technical Support Specialists. To support this strategy we are currently looking for talented people for the role of:
This role will support a broad range of security and risk disciplines including IT risk analysis, certifications (PCI-DSS, ISO 27001), internal audit, compliance, security controls (physical and logical), information security, and business continuity/disaster recovery (BC/DR)
Reporting to the EMEA Security Director, this role will be responsible for achieving alignment across various markets within the EMEA region, including assessing control alignment and supporting the global policies and standards.
The Security Compliance and Risk Analyst will demonstrate the ability to thrive in a fast-paced, dynamic environment, work independently, assess incidents/requests, and apply the correct level of urgency to achieve a mutually accepted solution, while providing exemplary customer service in support of Merkle’s information Technology and Security vision.
You will be responsible for delivering information security initiatives through the region, ensuring controls and culture are maintained, and for supporting business security requirements, leveraging global and regional capabilities.
Led by the EMEA Security Director, our EMEA Security team is responsible for driving global security initiatives across the region and supporting Merkle’s clients.
- 2-4 years of IT Security, Risk, Audit, or information system experience in a dynamic enterprise IT environment is highly recommended
- Experience performing IT audits and analyzing risk using industry accepted methodologies
- Effectively engage with external client audit staff to minimize high-risk findings and exposure to Merkle by using sound judgment and discretion
- Functional knowledge of security compliance initiatives within an enterprise technology environment such as NIST CSF, CSA, PCI DSS, Cyber Essentials
- Experience operating in a matrixed organization to meet the requirements of diverse stakeholders.
- Ability to maintain focus through conflict and challenging situations with positive outcomes for Merkle and its clients
- Track record of supporting information security in a diverse, fast-paced enterprise environment.
- Knowledge of all domains within security covering people, processes, and technology
- Understanding of security risk analysis techniques
- Understanding of cloud technologies and principles
- Ability to explain technically complex concepts to non-technical audiences combined with excellent communication and organizational skills
- Excellent written and verbal communication skills and ability to be understood by both technical and non-technical personnel
- Stakeholder management and interpersonal skills at both a technical and non-technical level
- Understanding of emerging technologies, architectures, and philosophies in the Cyber/Information Security portfolio.
- Strong working knowledge of ISO 27001 and maintenance of an ISMS
- CISA, CRISC or CISSP Certifications are a plus
- We are huge believers in work-life balance, that's why we offer all of our employees 25 days of paid leave;
- We recognize strong talent and go above and beyond to attract and retain the best people, that's why our remuneration packages are among the top on the market;
- We understand that there cannot be a "one size fits all" approach when it comes to benefits, that's why we have a customizable benefits package, that fits your own needs;
- Our teams operate using a hybrid work model and they can work from both the office and the comfort of their own home;
- Free parking spaces for all of our employees when they decide to work from the office;
- Free drinks and snacks in the office to help keep the energy levels up;
- Attend the most popular tech and business events in Bulgaria for free, of course.
Тhаnk you for reading about our role. If you decide to apply, keep in mind that we will be considering candidates who meet our requirements first, then everyone else. If you don't hear back from us, we may reach out in the future once we have a role that might be a better fit for you.