<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=557769&amp;fmt=gif https://dc.ads.linkedin.com/collect/?pid=557769&amp;fmt=gif ">

Information Security Risk & Compliance Analyst

Security, Sofia/Plovdiv, Full Time, лв.45,000 - лв.55,000 / year

Job Description

At Reward Gateway, we’re driven by our culture and our mission to “make the world a better place to work.” We do this through our products and technology, supporting over 4500 clients and their leaders to connect, recognise and engage with their people.

An opportunity has become available for an InfoSec Risk & Compliance professional to support our Governance, Risk & Compliance, and Information Security operations and be part of a growing business. 

At Reward Gateway, we already understand that Compliance and Security are paramount to our success, reflected in the culture. Our Leadership Team is fully committed to Compliance and Information Security and you won’t have to spend time convincing stakeholders to care - you’ll be empowered to improve the company.

We have a longstanding ISO 27001 programme and are on the final stretch toward SOC2 Type II compliance. We are also working toward attaining Cyber Essentials Plus compliance, with ISO 9001 planned as well. These standards structure everything we do and enable our business to grow by providing a high level of assurance to our customers.

Key Responsibilities

  • Support our control framework covering ISO 27001, SOC2 Type II, PCI DSS, Cyber Essentials Plus and (in the future) ISO 9001
  • Ensure ISO readiness/compliance by conducting/supporting periodic internal audits and participate in hosting ISO registrar audits
  • Assist with analysis, documentation and remediation actions for detected audit observations
  • Verify implementation and effectiveness of the corrective/preventative actions
  • Support the GRC Manager and process owners in developing, documenting, reviewing, and communicating company processes and procedures to incorporate best practices in Quality Management and Information Security Management
  • Maintain the compliance automation platform for achieving streamlined compliance activities
  • Support the Director of Information Security and Risk Owners with the risk management process


  • 1+ year experience working in Information Security Compliance/Internal Audit 
  • Experience with a compliance framework (ISO27001, SOC 2 Type II, PCI DSS) would be advantageous but not essential (You’re not expected to have expertise in all these frameworks)
  • Understanding of information security concepts and technology
  • Previous exposure to cloud technologies and cloud security
  • Experience in Document Management (incl. Good Documentation Practices) and procedure review
  • Excellent English communication skills 
  • Comfortable with working across multiple projects, geographical locations, and assignments at once
  • Have a risk-based approach to problem solving

The Interview Process

  • A 30 minute video interview with the Senior Talent Partner
  • First stage online interview with the Governance Risk & Compliance Manager 
  • Final stage video interview with the Director of Information Security and the Governance Risk & Compliance Manager
Be comfortable. Be you.
At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.

We hire BETTER. 
From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.
Apply Now

Other jobs you may be interested in

register for job alerts

Can't find what you're looking for?

If you can't see a job that interests you, why not register for our job alerts by email service? And we'll email you when a job that matches what you're looking for is uploaded onto the site.

Join our talent community