Who are we?
Codility is the highest-rated SaaS platform that evaluates the skills of software professionals. Our mission is to enable companies to build and grow high-performing engineering teams. Codility has helped global enterprises like Microsoft, PayPal, Slack, and mid-market, and hyper-growth companies scale two times faster, mitigate bias in the hiring process, and save thousands of engineering hours that can go into shipping excellent code and building great products. We also service the needs of our customers in engineering management, including supporting their engineers’ learning and development, and optimally deploying people to teams and projects.
Codility is a remote-first and people-first company with main hubs in San Francisco, London, Warsaw, and Berlin. We have a team of over 200 people strong coming from 30 different countries contributing to a product and culture that we’re super proud of. Codility is rated as the top-performing talent management software on G2, has an overall rating of 4.8 out of 5 on Glassdoor, and has won the Best CEO award in 2021 on Comparably. We’re focused on continuing to develop a high-performance culture through continuous improvement and constantly placing our customer’s success at the heart of how we operate.
Why Codility needs you.
We’re expanding our product suite to be an end-to-end engineering talent platform and have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates like you to help us get there. By joining Codility, you will have the unique opportunity to impact the HR tech stacks of high growth to enterprise companies and drive a new shift in how world-class engineering teams are built. Today, Codility powers 1,200+ businesses in 70+ countries, and has evaluated over 16 million engineers and counting.
To do this, we are seeking an Information Security Specialist to own the security process and procedures workflow.
What you will do.
- Identify, assess, document, and articulate all types of data security and data privacy risks in addition to appropriate countermeasures and controls to address data security and data privacy concerns.
- Participate in audits (ISO 27001 and SOC2) of cyber programs and projects.
- Track audit findings and recommendations to ensure appropriate mitigation actions are taken.
- Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment.
- Create, review, and update security policies, procedures, standards and guidelines.
- Ensure that applications used in Codility meet security requirements.
- Drive secure coding training and evangelize secure coding best practices.
- Make recommendations for necessary changes to our security controls to address emerging security threats.
- Build and manage relationships with a wide network of local business and IT front-line and senior stakeholders.
We would love if you have.
- Familiarity with ISO 27001/27002/SOC 2 and their associated common controls
- Previous experience with Information Security Risk Management principles
- Experience performing vendor risk assessments
- Knowledge of data privacy regulations such as GDPR and CCPA
- An understanding of cloud computing concepts (PaaS, IaaS, and SaaS)
- Familiarity with SDLC principles
- Working experience with one or more GRC tools (ex. OneTrust, RSA Archer, Zen GRC, etc.)
- Experience with change management tools (Jira, GitHub, etc.), a plus
- CISA or CISM certification, a plus
What we offer.
- A progressive remote first culture with a strong compensation plan.
- Employee Stock Ownership Plan that gives everyone interest in the company.
- Amazing benefits to include:
- 27 days of PTO
- 4 mental health days
- Incredible health, dental, and vision
- Monthly Health & Wellness budget
- Yearly Personal Development budget
At Codility, we know that great work isn’t done without a phenomenal team. We are always looking to hire the absolute best talent and recognize that diversity in our experiences and backgrounds is what makes us stronger. We insist on an inclusive culture where everyone feels safe to contribute and help us innovate. We hire candidates of any race, color, ancestry, religion, national origin, sexual orientation, gender identity, age, marital or family status, disability, or veteran status. These differences are what enable us to work towards the future we envision for ourselves, our product, our customers, and our world.