Cybersecurity Compliance Specialist, part time, Czech based

• Analyze internal audit findings and propose corrective and remediation measures.
• Design, update and maintain security policies, guidelines and processes (e.g. asset management, risk management, data classification, IAM/PAM standards, AD governance).
• Provide expert guidance to internal teams during implementation of security controls such as MFA, BitLocker, Intune/MDM, AD cleanup, service accounts (gMSA), NAC, EDR/SentinelOne and patch management.
• Define control mechanisms and ensure alignment with internal group security standards.
• Support risk management activities, documentation preparation and audit readiness.
• Contribute to security awareness initiatives and internal training activities.
• Act as a bridge between security, IT teams and non-technical stakeholders.

• Proven experience in cybersecurity compliance and/or security governance roles.
• Strong knowledge of ISO 27001, NIS2, DORA and related security frameworks (CIS Controls is an advantage).
• Experience with security policy and process design and implementation.
• Good understanding of security domains such as IAM/PAM, EDR, MDM/Intune, Active Directory, NAC, vulnerability and risk management.
• Experience supporting audit and compliance-driven projects.
• Strong analytical skills and ability to propose practical, implementable solutions.
• Excellent communication skills and ability to explain security topics to non-technical stakeholders.
• Relevant certifications (ISO 27001 Lead Implementer/Auditor, CISM, CISSP, CEH) are a plus.

Whirr Crew