Alite International is a knowledge and software consultancy company founded in Sweden. We are represented in 6 countries and are working within Digital Transformation, Digital Innovation and Smart Sourcing.
With us, you will be working with amazing clients, innovative and challenging projects, and highly skilled co-workers.
At Alite International we are looking for a Data Compliance and Security Manager (DCSM) to join our team in Belgrade office.
If you strive to gain experience in a dynamic and team-driven environment and you are a highly motivated and proactive person, this job position is for you.
Scope, purpose, and nature of the role
The DCSM is the thought-leader for data compliance related activities including information risk
and security management throughout the organization and an expert in cloud security technologies, especially AWS. This manager position reports regarding data compliance and security matters concerning the Alite Group to the Group CEO and/or board. This position has no personnel responsibility.
The primary functions of the Information DCSM are to:
- Inspire and coordinate the wide variety of activities associated with identifying, evaluating and treating information risks throughout the organization, and
- Lead all the data compliance related activities to ensure the organization is compliant with relevant data protection related obligations imposed by laws, relevant regulations, industry best practice standards including ISO 27001 and GDPR.
Duties and responsibilities
- Ensure that the organization’s information management and asset control are legal and secure and that the organization is compliant with relevant data protection related obligations imposed by laws, relevant regulations, industry best practice standards and internal governance procedures, contracts, policies etc. including standards such as ISO 27001 and GDPR as applicable in all markets that Alite, and its customers / partners operate in.
- Proactively identifies, assesses, and develops suitable actions.
- Directly responsible for cloud solution security and the surety of the organization’s information.
- Monitors compliance with relevant data protection related obligations such as ISO 27001, GDPR and other national data protection laws as well as established policies.
- Acts as a specialist professional advisor on data protection compliance matters and regularly reviews data security and management processes, policies, and adherence across the business to identify and deliver recommendations to the Management Team to ensure robust and strict adherence to Data Protection legislation.
- Owns the information parts of the compliance database and regularly reviews data security and management processes/policies and oversees implementation and adherence across the business to identify and deliver recommendations to the Management Team to ensure robust and strict adherence to Data Protection legislation. Ensures issues are identified, tracked, reported on, and resolved in a timely manner.
- Establishes, implements, and performs internal annual audits to ensure compliance.
- Elevates awareness within the organization about data compliance requirements, trains all the employees and the business as a whole.
- Manages all internal data protection activities.
- Cleanses, de-dupe, and restructure where appropriate all electronically held information.
Personal character and competences
- Decisive and a doer – is able to make difficult decisions, prioritize along strategic lines, and take appropriate action.
- Self-motivated, confident, and assertive in order to take necessary actions that may be unpopular with those risking /contravening laws, policies, terms etc.
- Likes a challenge – responds positively under difficult circumstances, thrives when working on multiple tasks.
- Able to productively participate in discussions with technical and non-technical colleagues.
- Strong interpersonal skills and communicates in a clear and concise manner (written and verbal).
Qualifications, skills, and experience
The following reflect the DESIRED level of qualifications, skills, and experience. Areas not fulfilled at the entry of the role can be viewed as a progression of the person in this role.
Qualifications and skills:
- Born in cloud, and AWS Security competence
- CSA certified https://cloudsecurityalliance.org/star/levels/
- IEC-62443 https://en.wikipedia.org/wiki/IEC_62443
- OAuth2 https://oauth.net/
- Successfully transforming and managing significant information management.
- Industrial communication networks - IT security for networks and systems
- Current and emerging applicable laws and regulations that relate to information and data management.
- IT and digital systems: General experience in the delivery lifecycle for IT and digital systems and capabilities.
- Information management: at least 2 years, ideally holding relevant qualifications or degree.
- Compliance and enforcement: at least 3 years.
- Cloud security: at least 5 years.
The applicant is willing to undergo background checks to verify identity, character, competence, qualifications, skills, and experience. Documentation of qualifications and list references to be provided upon request.
If you are interested, please send us your CV electronically.
We thank every candidate who applies for this position.
Only shortlisted candidates will be contacted.