JetBrains

Security Compliance Specialist

JetBrains · Amsterdam, North Holland, Netherlands

  • On site
  • Full-time
  • $95,000 / year
  • Amsterdam, North Holland, Netherlands

Job highlights

  • Enhance security compliance processes at JetBrains.
  • Manage vendor due diligence and third-party evaluations.
  • Support security audits and documentation efforts.
  • Collaborate with Legal and internal teams.
  • Ensure adherence to SOC 2 and industry standards.

About the role

About JetBrains

Founded in 2000, JetBrains is a global software vendor that provides some of the most effective and trusted developer tools. Our products help make many of the world's most dynamic companies and individuals more creative and productive, and over 11.4 million developers already use our products. At JetBrains, we are passionate about creating tools that help individuals and teams grow, discover, and create. Our Security team is responsible for several domains, such as the security of JetBrains products, infrastructure security, and ensuring ongoing compliance with industry best practices, including the SOC 2 Type II framework. We are currently looking for a Security Compliance Specialist to help improve our processes.

Responsibilities

  • Handle customer requests related to vendor due diligence processes.
  • Help our Legal team review contract sections related to security.
  • Participate in discussions with customers to address security-related topics.
  • Evaluate third parties (vendors, suppliers, etc.) to make sure they comply with JetBrains' security requirements.
  • Improve security checks of suppliers during the procurement process.
  • Collaborate with internal teams to address security compliance gaps and remediate issues.
  • Take part in projects related to security compliance certifications, including external audits and internal self-assessments.
  • Draft and maintain security compliance documentation.
  • Implement and monitor security compliance procedures, following the SOC 2 requirements and industry best practices.
  • Execute a robust information security risk management program, including conducting risk assessments in accordance with SOC 2, the NIST RMF, and industry best practices.
  • Provide guidance to remediate identified risks and ensure ongoing compliance.

Qualifications

  • Proven experience in security compliance.
  • Knowledge of various security and privacy standards and regulations (SOC 2, ISO 27001, NIS 2, DORA, the NIST CSF, the NIST SSDF, etc.).
  • A degree in computer science, information technology, or a relevant discipline.
  • Fluent level of English with good writing and speaking skills.
  • Analytical and problem-solving skills, as well as a results-oriented approach.

Nice to Have

  • Experience passing security compliance audits (SOC 2, ISO 27001).
  • Skills and experience in web, network, and infrastructure security approaches.
  • Experience in process automation.
  • Experience with JetBrains products.
  • Relevant security certifications (CRISC, CISA, CISSP, etc.).

We process the data provided in your job application in accordance with the Recruitment Privacy Policy.

Key skills/competency

  • Security Compliance
  • SOC 2
  • ISO 27001
  • NIST RMF
  • Risk Management
  • Vendor Due Diligence
  • Audits
  • Security Documentation
  • Information Security
  • Process Improvement

Skills & topics

  • Security Compliance Specialist
  • Security Compliance
  • SOC 2
  • ISO 27001
  • NIST
  • Risk Management
  • Vendor Due Diligence
  • Information Security
  • Audits
  • IT Compliance

How to get hired

  • Tailor your resume: Highlight your experience with security compliance, specific standards like SOC 2 and ISO 27001, and risk management.
  • Showcase your skills: Emphasize your analytical, problem-solving, and communication abilities relevant to a Security Compliance Specialist role at JetBrains.
  • Prepare for interviews: Be ready to discuss your experience with security audits, vendor assessments, and how you've improved compliance procedures.
  • Understand JetBrains: Research JetBrains' products and culture to articulate how your expertise aligns with their mission.
  • Follow application instructions: Carefully review the recruitment privacy policy and submit your application accurately.

Technical preparation

  • Master SOC 2 and ISO 27001 requirements.
  • Practice NIST RMF and risk assessment methodologies.
  • Familiarize yourself with vendor due diligence processes.
  • Review security documentation and policy drafting.

Behavioral questions

  • Describe a complex compliance issue you resolved.
  • How do you handle conflicting security requirements?
  • How do you prioritize tasks during an audit?
  • How do you communicate security risks to stakeholders?

Frequently asked questions

What are the key security standards JetBrains follows for this Security Compliance Specialist role?
For the Security Compliance Specialist role at JetBrains, key standards include SOC 2 Type II, ISO 27001, NIS 2, DORA, and various NIST frameworks (CSF, SSDF, RMF). Your experience with these will be highly valued.

What kind of customer interaction can I expect as a Security Compliance Specialist at JetBrains?
As a Security Compliance Specialist at JetBrains, you will handle customer requests related to vendor due diligence, participate in discussions to address security topics, and potentially review contract sections related to security.

What are the main responsibilities of the Security Compliance Specialist at JetBrains?
The main responsibilities include managing vendor due diligence, reviewing security aspects of contracts, evaluating third parties, improving supplier security checks, addressing compliance gaps, participating in audits, drafting documentation, and implementing security procedures.

What technical skills are most important for a Security Compliance Specialist at JetBrains?
Key technical skills include a strong understanding of security and privacy standards (SOC 2, ISO 27001, etc.), risk management, and ideally, experience with web, network, and infrastructure security approaches, as well as process automation.

What educational background is preferred for the Security Compliance Specialist position at JetBrains?
JetBrains prefers candidates with a degree in computer science, information technology, or a related discipline for the Security Compliance Specialist role.

Are there specific certifications that would make a candidate stand out for this role at JetBrains?
Yes, relevant security certifications such as CRISC, CISA, or CISSP would be particularly advantageous for a Security Compliance Specialist at JetBrains.

How does JetBrains handle the data provided in job applications for the Security Compliance Specialist role?
JetBrains processes all data from job applications in accordance with their Recruitment Privacy Policy, which is available on their official website.

What is the role of the Security team at JetBrains?
The Security team at JetBrains is responsible for product security, infrastructure security, and ensuring compliance with industry best practices, including frameworks like SOC 2 Type II.