Information Security

Information Security Compliance Officer (Belgrade)

Belgrade   |   Full Time

We're looking for an experienced compliance analyst.

About us

CAKE.com is a unicorn, product-based software company, with offices in California, Europe, and Asia.

We are focused on creating products that are used by millions around the world. Some of our products include Clockify (time tracking app), Pumble (business communication app), and Plaky (task management app).

Clockify is the world's #1 time tracker, used by millions, from individuals to big companies like Hewlett-Packard Enterprise, American Express, Amazon, etc.


Responsibilities

  • Establish and maintain governance structures, policies, internal regulations, and procedures
  • Organize preparation and implementation of ISO 27001, SOC 2, and GDPR requirements
  • Collaborate with cross-functional teams to align Security GRC strategies with business objectives
  • Ensure compliance with relevant laws, regulations, and industry standards
  • Create and update policies related to information security and compliance
  • Identify, assess, and prioritize risks across the organization
  • Develop and implement risk mitigation strategies
  • Monitor risk exposure and recommend adjustments as needed
  • Coordinate internal and external audits
  • Address audit findings and implement corrective actions
  • Regularly assess the effectiveness of Security GRC strategies
  • Evaluate third-party vendors for compliance and risk
  • Complete questionnaires regarding company security

Requirements

  • 5+ years in cybersecurity: security architecture, processes, GRC
  • Deep understanding of, and ability to manage compliance with, multiple security standards and frameworks: ISO 27k, SOC 2
  • Experience building security processes from scratch or managing major process changes
  • Understanding of the shared responsibility model and cloud specifics, experience with cloud-native security solutions
  • Demonstrated ability to collaborate with cross-functional teams to deliver results in a fast-paced environment
  • Excellent communication skills, with the ability to effectively articulate technical concepts and product value propositions to both technical and non-technical stakeholders
  • Experience with software development related to security and privacy
  • Technical knowledge of network security, device security, and other technologies
  • Excellent written and verbal English communication skills
  • Ability to work in the CET timezone (9:00-17:00 UTC+1)
  • Fluent in Ex-Yu languages (Serbian, Bosnian, Croatian, Montenegrin)

Nice to haves

  • Bachelor's degree
  • Understanding of GDPR and other global privacy regulations

What we provide

  • Working in a product-based company with talented experts in the domain
  • Onsite (Belgrade office)
  • A supportive, healthy, and transparent work culture that encourages innovation and growth
  • Private health insurance
  • Private dental insurance
  • In-house learning program (social/soft skills workshops, leadership training, tech lectures, knowledge sharing, and tech clubs)
  • Fresh fruits, soft drinks
  • Breakfast in office
