Information Security Manager
Belgrade, Serbia
Job Description
BrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. Young, ambitious, and unstoppable, we've already taken Cyprus, Malta, Portugal, Poland, and Serbia by storm. Our BRO team consists of 1,300 bright minds creating innovative ideas and products. We don’t follow formats. We shape them. We build what works, launch it fast, and make sure it hits.
We are looking for an Information Security Manager.
✅ Responsibilities:
✔️ Manage and conduct internal access audits, security controls audits to ensure compliance with security policies.
✔️ Oversee the implementation and maintenance of ISO 27001 and ISO 27701 standards, PCI DSS.
✔️ Conducting ISO 27001 and ISO 27701 internal audits.
✔️ Assist in preparing for and successfully passing external security audits (ISO 27001, ISO 27701, PCI DSS), including those required by gambling regulatory bodies.
✔️ Collaborate with cross-functional teams to identify and mitigate security risks.
✔️ Maintain and update the organization's Information Security Management System (ISMS).
✔️ Ensure compliance with all relevant regulatory frameworks and legislation.
✔️ Maintain up-to-date knowledge of security threats, trends.
✔️ Regularly report on security performance metrics and risks to senior management.
✔️ Review, update, create company policies, additional procedures and documents to comply with security standards
✅ Requirements:
✔️ Minimum 2 years of experience in a security operations, IT security role, IT Audits.
✔️ Understanding of information security principles, best practices.
✔️ Excellent written and verbal communication skills are required. The ability to convey complex security concepts in a clear and understandable manner to employees at all levels.
✔️ ISO 27001 Lead Auditor/Lead Implementer Certification.
✔️ Knowledge of relevant Information Security and data privacy laws, regulations (GDPR, ISO27001, ISO27002, ISO27701, PCI DSS).
✔️ Experiences in performing internal security audits, ISO27001, ISO27701, security controls audits, employee access audits.
✔️ Strong understanding of access control systems, risk management, and security frameworks.
✔️ Expertise in information security risk assessment and management.
✅ Nice to have:
✔️ A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
✔️ Additional certifications PCI DSS Implementation, ISO 27002 Lead Manager, ISO 27701 Lead Implementer, Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
✅ We offer excellent benefits, including but not limited to:
🧑🏻💻 Learning and development opportunities and interesting, challenging tasks.
📚 Opportunity to develop language skills, with partial compensation for the cost of English classes (for localisation purposes).
🏥 Global coverage health insurance.
🏝 Time for proper rest, with 20 working days of annual vacation and additional paid sick days.
📈 Competitive remuneration level with annual review.
🤝 Team-building activities.
Bold moves start here. Make yours. Apply today!