Information Security Officer

at Kin + Carta Europe

Location: Sofia

Department: IT

About Kin + Carta

Want to help build a world that works better for everyone? Kin + Carta is a global digital transformation consultancy that makes a difference to the billions who now work, play, shop, communicate and share online.

Join 1,600 curious and diverse minds in connecting people, data and technology to produce amazing experiences for some of the world’s most influential companies. Become a maker, builder or creator as we explore the possibilities of sustainable digital technology, helping clients to rapidly innovate, modernise their systems, enable their teams, and optimise for continued growth. 

We focus on tech but we’re a proudly inclusive business with trust and human connection at its heart. People, the planet, and profit matter equally to us which is why we’re a certified B Corporation in the United States and Europe. With additional offices in South America, there is a place for you here wherever you’re based.

The role in a nutshell

Reporting directly to the Global Head of Digital Defence (Information Security), the European Information Security Officer will drive and support standards of Information Security for K+C across Europe, aligned with Global operations. The goal is to establish a globally recognised information security management system to build One Secure Kin and Carta. This role will give you the opportunity to progress to Information Security Manager and extend the team out as the company brings on more customers and grows.

What you can expect

The Information Security Officer will be responsible for identifying security requirements, maintaining standards and auditing stakeholder operations to ensure the continued improvement of Information Security standards that are compliant across the region and aligned globally, through exceptional service, clear communication, strong tenacity and technical expertise.

Key Responsibilities

  • Pursue infosec excellence for the region with the continuous development and management of K+C InfoSec standards to ensure compliance for Cyber Essentials Plus, PCI-DSS, ISO 27001 and other stakeholder requirements.
  • Perform internal security reviews against operational activities in line with international standards.
  • Perform security assessments of new and current suppliers; plan, organise and review digital implementations, tools, APIs and platforms.
  • Support the completion of stakeholder InfoSec schedules for RFPs, MSAs, delivery and project teams by resolving project queries and approving security requirements.
  • Contribute to the InfoSec Risk Register and collaborate on treatment of risks tailored to the needs of the region. Manage and track mitigations, remediations and compensating controls.
  • Completing Information Security assessments from external parties in a timely manner
  • Establish and review monitoring and logging process and standards 
  • Designing, delivering and monitoring InfoSec training and awareness
  • Integral part of Incident Management Team 
  • Contribute to the performance and improvement of the ISMS
  • Reviewer and approver of ISMS documentation 
  • Collaborate with K+C and CDS, providing information security consultancy, strategy and implementation planning along with the prioritisation of the highest impact projects 
  • Joint responsibility with the Digital Defence team for all BAU tickets and tasks and recording time and tag allocation.
  • Attend, facilitate, and/or capture meetings and content
  • Contributor to cyber and information security reports, briefings and whitepapers 
  • Help define and provide data for KPIs
  • Consult and educate Kin on good infosec practices.

The type of person we’d love to meet:

  • Experience in a security role with the emphasis on risk, policy and governance
  • ISMS Documentation Development
  • Technical understanding with an investigative mindset.
  • Ability to identify technical and operational security improvements and educate others on them
  • A working understanding of security frameworks or methodologies, Cyber Essentials (Plus) and/or ISO 27001
  • Exposure to enterprise security tools: AV, vulnerability, IAM, SSO.
  • Efficient, firm but friendly character that will ensure tasks are being instigated and confident enough to escalate where necessary.
  • Continuous improvement with activities that stretch you beyond your job role, an opportunist who finds the positive side of a challenge.
  • Critical Thinking with a mindset that considers solutions prior to presenting challenges
  • Lead and produce quality work with minimal guidance.
  • Collaboratively work with 3rd parties and handle challenging relationships with diplomacy and balance.
  • Understanding and mapping business context against information security best practices
  • Strong stakeholder management skills, with the ability to drive change and improvements across K+C.
  • Acting honourably, honestly, justly, responsibly, and legally.
  • Global perspective - Regional delivery. 
  • Comfortable with multi-tasking
  • Excellent communication skills

Qualifications

We are ideally looking for somebody with the following qualifications; however, we are open to hearing from candidates with alternative qualifications or those who are currently in the process of achieving these.

  • CompTIA Security+
  • Microsoft Certified: Cybersecurity
  • ISO 27001 ISMS Foundation
  • InfoSec Auditing
  • CISSP, CISM or equivalent training

The interview process at Kin + Carta

Here’s what to expect from the interview process at Kin + Carta: 

Intro Call with the Talent Team (30 minutes) – If your skills and experience match the role requirements, our Talent team will contact you to arrange a call.  The aim of this call is to get to know you and for you to find out more about Kin + Carta. This call can be held either by telephone or Zoom. After this call, if we feel like you are a good match for the role, you’ll be invited to a first-stage interview.

First-Stage Interview (30 minutes) - This will be a Q&A style interview, lasting approximately 30 minutes. This process is designed to help our team find out about your skills and experience but also what you enjoy and what motivates you. It’s a great opportunity for you to ask our team questions and learn more about us! If you are successful in the first-stage interview, you will progress to the next stage of our interview process.

Second-Stage Interview (45 minutes) - The second stage will be a 45-minute discussion and it’s a chance for our team to see how you apply your skills and experience and assess how that matches our expectations for the role. This is more of a subject matter Q&A stage.

Making a Decision - Following the interview process, our hiring team will get together to discuss feedback and make a final decision. We aim to get back to you as soon as we possibly can! 

Our average recruitment process takes around four weeks. You will be assigned a dedicated member of our Talent team to support you throughout the process.

We will always do our best to accommodate any reasonable adjustment requests. Please just let us know how we can make the interview process more accessible for you.

Here at Kin + Carta, we believe in building a better and more welcoming world for everyone. We want you to know that whoever you are, wherever you’re from, and whoever you love, you are welcome at Kin + Carta. We put our commitment to our global IDEA (Inclusion, Diversity, Equity and Awareness) programme at the centre of everything we do. We’re also a certified B Corp, which means we are committed to being a force for good and operate to the highest social and environmental performance standards.

Apply for this role

Whoever you are, wherever you’re from and whoever you love, you’ll find an open door at Kin + Carta. It’s yours to walk through if you’re passionate about building a better world for everyone, and you’re keen to be part of a diverse and inclusive culture that plays to people’s strengths and thrives on togetherness.