back to list

Senior European Information Security Officer

City: Sofia

People Solutions Factory is a boutique HR company specializing in providing strategic support to its clients in the area of Human Capital Management.

Our client is Kin + Carta, an innovation and emerging technology firm that helps Fortune 500 companies seize new opportunities through world-changing digital solutions. As strategists and consultants, they help organizations evolve their digital strategy to solve mission-critical problems. As designers and developers, they build incredible hardware and software solutions that transcend a standalone product and transform an organization’s relationship with its customers.

For their Global Digital defence team, we are looking for an experienced security gyu, a tech-security Guru with passion in Cyber security and investigation mindset.

The European Information Security Officer will drive and support standards of Information Security for K+C across Europe aligned with Global operations. The goal is to establish and obtain a globally recognised information security management system to build One Secure Kin and Carta.

The Information Security Officer will be responsible for identifying security requirements, maintaining standards and auditing stakeholder operations to ensure the continued improvement of Information Security standards are compliant across the region and aligned globally through exceptional service, clear communication, strong tenacity and technical expertise.

Key Responsibilities

● Pursue infosec excellence for the region with the continuous development and management of K+C InfoSec standards to ensure compliance for Cyber Essentials Plus, PCI-DSS, ISO 27001 and other required controls.

● Perform internal audits on information security in line with international standards, which includes but not restricted to ISO 27001

● Security assess new and current suppliers - plan, organise and review Digital implementations, tools, APIs and platforms.

● Support the completion of stakeholder infoSec schedules for RFPs, MSAs, delivery and project teams, by resolving project queries and approval of security requirements

● Contribute to the InfoSec Risk Register and collaborate on treatment of risks tailored to the needs of the region. Manage and track mitigations, remediations and compensating controls.

● Completing Information Security assessments from external parties in a timely manner

● Contribute to the performance and improvement of the ISMS and respectively to the ISMS documentation

● Joint responsibility with the Digital Defense team for all BAU tickets and tasks

● Establish and review monitoring and logging process and standards

● Designing, delivering and monitoring InfoSec training and awarenes


● Proven experience in a security role with the emphasis on risk, policy and governance

● Previous experience in development of ISMS Documentation 

● Knowledge of security frameworks or methodologies, CyberEssentials (Plus) and/or ISO27001

● Exposure to Enterprise Security tools AV, Vulnerability, IAM, SSO.

● A certification in CISSP/ CISM/ CompTIA Security/ MS Certified: Cybersecurity or other relevant for the role would be a serious advantage

● Understanding and mapping business context against information security best practices

● Stakeholder management skills, with the ability to drive change and improvements across K+C.

● Collaboratively work with 3rd parties and handle challenging relationships with diplomacy and balance.

● Critical thinking with a mindset that considers solutions prior to presenting challenges

● Comfortable with multi-tasking

Only short-listed candidates will be contacted.

All applications will be treated with strict confidentiality.

People Solutions Factory has an unlimited License № 2052/31.05.2016 for providing human resources services.

Apply now

Add resume
Select file

Due to the GDPR limitation, we kindly ask you if you would like to apply for that position to send your CV to the following e-mail: Before you send us your application, please read a Declaration of consent form and affirmatively declare its acknowledgement.