Security Compliance Specialist

Founded in 2000, JetBrains is a global software vendor that provides some of the most effective and trusted developer tools. Our products help make many of the world's most dynamic companies and individuals more creative and productive, and over 11.4 million developers already use our products. At JetBrains, we are passionate about creating tools that help individuals and teams grow, discover, and create.

Our Security team is responsible for several domains, such as the security of JetBrains products, infrastructure security, and ensuring ongoing compliance with industry best practices, including the SOC 2 Type II framework. We are currently looking for a Security Compliance Specialist to help improve our processes.

• Handle customer requests related to vendor due diligence processes.
• Help our Legal team review contract sections related to security.
• Participate in discussions with customers to address security-related topics.
• Evaluate third parties (vendors, suppliers, etc.) to make sure they comply with JetBrains' security requirements.
• Improve security checks of suppliers during the procurement process.
• Collaborate with internal teams to address security compliance gaps and remediate issues.
• Take part in projects related to security compliance certifications, including external audits and internal self-assessments.
• Draft and maintain security compliance documentation.
• Implement and monitor security compliance procedures, following the SOC 2 requirements and industry best practices.
• Execute a robust information security risk management program, including by conducting risk assessments in accordance with SOC 2, the NIST RMF, and industry best practices.
• Provide guidance to remediate identified risks and ensure ongoing compliance.

• Proven experience in security compliance.
• Knowledge of various security and privacy standards and regulations (SOC 2, ISO 27001, NIS 2, DORA, the NIST CSF, the NIST SSDF, etc.).
• A degree in computer science, information technology, or a relevant discipline.
• Fluent level of English with good writing and speaking skills.
• Analytical and problem-solving skills, as well as a results-oriented approach.

• Experience passing security compliance audits (SOC 2, ISO 27001).
• Skills and experience in web, network, and infrastructure security approaches.
• Experience in process automation.
• Experience with JetBrains products.
• Relevant security certifications (CRISC, CISA, CISSP, etc.).