Information Security Compliance Engineer
About the role
We are looking for an Information Security Compliance Engineer to join our Quality & Compliance team. You will support the development of our security framework, internal audits, and client-facing compliance activities, ensuring alignment with international standards and regulations.
Tech stack:
ISO/IEC 27001 (ISMS)
TISAX / VDA ISA
GDPR
NIS2
Requirements:
2–4 years of experience in information security / compliance / risk (IT environment preferred)
Practical knowledge of ISO/IEC 27001 (ISMS, audits, controls, corrective actions)
Good understanding of GDPR and data protection
Familiarity with NIS2
Ability to assess security controls (governance perspective)
Very good English (spoken and written)
Strong analytical skills and attention to detail
Ability to communicate clearly with technical and non-technical stakeholders
Self-driven mindset and ability to manage multiple topics independently
Professional approach, high integrity, and attention to confidentiality
Nice to have:
Experience using AI tools in day-to-day workflow
Experience with TISAX / VDA ISA
Other ISO-based management systems (e.g. ISO 9001)
ISO 27001 Lead Auditor or CISA certification
Experience in consulting roles
Project description:
You will join an independent Quality & Compliance function and help maintain and develop the organization’s information security compliance framework. The role includes internal assurance work (e.g., internal audits and continuous improvement) and client-facing activities (e.g., customer audits, security questionnaires, and due diligence). You will act as a trusted advisor for both internal stakeholders and external clients, providing clear and actionable guidance on security and compliance topics.
Main responsibilities:
Maintain and improve ISMS (ISO 27001, TISAX)
Support internal and external audits
Identify compliance gaps and track improvements
Create and update policies, standards, and procedures
Support compliance with GDPR and NIS2
Assist with customer audits and security questionnaires
Provide basic advisory support to clients
Conduct high-level security and compliance assessments
- Department: Quality Management
- Role: Information Security Compliance Engineer
- Locations: Poland (PL), Wroclaw (PL), Cracow (PL)
- Remote status: Hybrid
- Hourly salary: PLN80 - PLN120
- Employment type: Full-time
- Monthly salary (gross): 8600 PLN - 15000 PLN
- Experience: Regular
About Spyrosoft
Spyrosoft is an authentic, cutting-edge software engineering company, established in 2016. In 2021 and 2022, we were among the fastest growing technology companies in Europe, according to the Financial Times. We were founded by a group of tech experts with established backgrounds in software engineering, who created an ‘engineer-to-engineer’ workplace, powered by enthusiasm, fairness and authentic relationships. Having a unique offering, which bridges the gap between technology and business, we specialise in technology solutions for industry 4.0, automotive, geospatial, healthcare & life sciences, employee experience & education and financial services industries.