
GRC Security Analyst

Poland

At Appfire, we believe that great work happens when people get to choose how they work. After 20 years of creating software that empowers teams to break silos and collaborate seamlessly, we've learned that one size does not fit all. That’s why at Appfire, you choose. 

Choose to work where you thrive: Whether from home, in one of our offices, or while exploring the world, you decide where you’re most productive. From hardware and software to access to two decades of collective wisdom on working effectively in a remote-first company, we’ve got you covered.

Choose to balance your life without compromise: Plan your workday around your needs and what matters most to you. Enjoy flexible time off without the hassle of complicated approvals. From day one, we trust you to deliver quality work without sacrificing your personal life, hobbies, loved ones, and well-being.

Choose to grow on your terms: Take charge of your professional growth with access to online learning platforms, facilitated training, leadership programs, and internal hackathons. Collaborate with a global team to gain fresh perspectives. When you're ready for a new challenge, our internal mobility program is here to support your journey.

No one knows you better than you do. So join us and customize your experience. Choose how you want to work. Choose Appfire.

 

About the role

Do you have a strong understanding of information security GRC operations? Have you built lasting relationships with business owners and vendors? Appfire, the leading provider of Atlassian apps, is looking for a creative problem-solver and a self-starter to join our Information Security team. The GRC Security Analyst will handle diverse security-related tasks and issues for our rapidly growing company, including managing risk through a shared vision with Appfire’s business leaders.

You’ll work closely with our CISO to manage diverse governance, risk, and compliance security-related tasks and issues for our rapidly growing company, with a focus on people, practices, systems, and metrics. You’ll be asked to keep up with the latest industry requirements and will assist in the identification of security risks and the associated execution of remediation and corrective action plans, ensuring we are following up with those steps previously agreed upon by the business. Additionally, you’ll participate in regular vendor reviews and ensure compliance with Appfire policy, as well as provide ISO 27001 and other audit support.

If you’re a highly organized, detail-oriented expert communicator, let’s chat!

You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and thrive in a highly collaborative workplace.

We are Appfire, the largest global provider of award-winning Atlassian apps! Our portfolio of trusted product brands includes 200+ purpose-built apps loved by thousands of teams and millions of users worldwide. Amplified by our partnership and strategic investment from private equity powerhouse Silversmith Capital Partners, a recent surge of marquee brand acquisitions, and an additional $100M investment from TA Associates, Appfire is uniquely poised to accelerate our leadership position within the billion-dollar Atlassian app market. Come be a part of our Appfire family for this amazing journey! Learn more at appfire.com.

Appfire is looking for a GRC Security Analyst. You will report to one of our Managers and be a member of the Information Security team.

You can choose to work remotely from any location in Poland.  

Your everyday tasks will include:

  • Work on the coordination and facilitation of Appfire’s security governance goals and initiatives
  • Support our sales channels regarding prospect and customer security questions, assessments, and audits, including speaking to technical controls and their alternatives and appropriate risk mitigation.
  • Conduct assessments related to vendor risk management and follow up on associated findings.
  • Provide support for regulatory and compliance initiatives (e.g. ISO 27001, SOC2, GDPR, etc.).
  • Identify, document, and track information security policy-related non-conformities and assist in developing and monitoring corrective action plans.
  • Assist in identifying & tracking information security risks, assessing impact, and tracking the execution of mitigation plans.
  • Assist in tracking information security risk acceptances and exceptions and monitoring the execution of remediation plans.
  • Track and ensure adequate and timely resolution to all audit and risk assessment findings/issues relating to information security.
  • Assist in the monitoring of business continuity (BC) and disaster recovery (DR) testing.
  • Perform periodic compliance checks across the Appfire organization.
  • Provide support for the coordination and execution of integration plans for Appfire acquisitions.
  • Support the annual review and update of information security-related policies and processes.
  • Participate in and support annual security awareness campaigns.
  • Handle sensitive and/or confidential material and information with suitable discretion.

Skills and experience you'll need to succeed:

  • Bachelor’s Degree in Computer Science, Information Security, Engineering, related curriculum, or equivalent experience.
  • 2+ years of experience working in information security risk and/or compliance roles.
  • Knowledge of common Information Security frameworks such as CIS, ISO 27001 & SOC 2.
  • Prior experience with cloud-based security tools, technologies, and controls is a plus (e.g., Amazon AWS, Azure, Heroku, GCP).
  • Ability to work effectively within a fast-paced, changing environment that is going through high growth.
  • A self-starter with the demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
  • Creative problem solving required
  • Excellent interpersonal and communication skills
  • CISA, CISSP, or similar security/GRC-focused certifications are a plus.

Beyond the resume skills that match our culture and this role:

  • You are dedicated to elevating client and co-worker experiences, knowing that exceptional work centers on serving others.
  • You adapt swiftly to new business demands, understanding that change fuels collective and individual growth.
  • You excel in communication, effectively connecting in remote/hybrid environments using tools like Slack, Zoom, and G Suite and through occasional in-person events.
  • You have exceptional coaching, mentoring, and people development skills.

We offer:

  • Salary Ranges: Perm (UoP) 12,000 - 16,000 PLN gross/month.

Financial benefits

  • Every Appfire employee is eligible for company equity.

  • Home Office allowance – 200 PLN/month to cover your electricity and internet bills.

  • MyBenefit Platform – 150 PLN/month to spend on shopping, culture and entertainment, Multisport, travel, and more.

  • Lunch Card – 300 PLN/month to spend on groceries/restaurants (excluding alcohol and other excise duties items).

  • You can apply for a 50% tax-deductible cost on creative works (AKUP/IP tax-deductible costs).

Skills development benefits

  • Access to the Appfire University learning platform – a hub of knowledge, interactive resources, and engaging instructor-led courses designed to fuel your learning journey with unparalleled depth and accessibility.

  • English language courses.

PTO, health & well-being

  • 26 working days of paid annual leave, regardless of years of experience.

  • Wellness Days – additional time off each month to recharge and take care of yourself.

  • Private healthcare.

  • Life Insurance.

Volunteering

  • 3 fully paid days each year to participate in Appfire Town, Appfire’s Corporate Social Responsibility (CSR) Program.

Other

  • Indefinite Employment contract from day one, no trial periods.


 

About Appfire

A people-first approach to business

Since its inception, Appfire has been a remote-first company. With 800+ employees (who we call fireflies) across 27 countries, we foster an environment where everyone is respected. We invest in team members by ensuring they grow professionally and personally.

Watch Appfire's Co-founder and CEO Randall Ward talk about his people-first leadership philosophy: https://youtu.be/GXuChQzzowI

Making an impact

At Appfire, corporate social responsibility is driven by team members, family, friends, customers, and partners through Appfire Town. This program brings people together to generate a strong social impact in our local and global communities.

Our CEO believes being philanthropic is integral to operating our business and is not merely the result of our success. In 2015, Appfire joined the Pledge 1% network of organizations committed to philanthropy. Appfire has since grown our Pledge 1% program to include all four pledge types — product, profit, equity, and employee time. We were among the first to do this, and we’re proud that Pledge 1% is part of our evolution.

Our business

Appfire has been profitable since its inception, with best-in-class free cash flow margins relative to the broader SaaS universe. The company's mission to equip and connect every team so they can plan and deliver their best work has proven successful, producing consistent year-over-year (YoY) growth – with Appfire growing from $10M ARR in 2019 to $200M ARR in 2023. 

What’s our secret sauce?

  1. We follow teams. We do our research and build software that solves real-life collaboration challenges while being easy to implement and a joy to use. We’re proud to support over 20,000 customers and growing, including 55% of the Fortune 500. From the entertainment delivered by Netflix to the devices crafted by Samsung and Dell Technologies and the financial transactions handled by Visa, Edward Jones, and US Bank, Appfire’s technology is indispensable. Our products also play a pivotal role in streamlining operations and fostering innovation at companies like Tesla and significant institutions such as NASA, Boeing, and many more.
  2. We enhance. We don’t compete. Our software is designed to give developers, knowledge workers, and teams the ability to extend and get greater value from the platforms they’ve invested in and enjoy. So far, our solutions extend and enhance the capabilities offered by Atlassian, Microsoft, monday.com, and Salesforce. 
  3. We build bridges and invest in our partners. Appfire's success is underscored by the fact that the company has no direct sales team and instead leverages its channel program as its primary path to market. Today, Appfire has a dedicated Channel team supporting 700+ channel partners.
  4. We make security and privacy a priority, but we also keep it simple for our customers. We’ve achieved International Organization for Standardization (ISO) 27001 and ISO 27017 and System and Organization Controls (SOC) SOC 2, Type I and SOC 2, Type II certifications. In 2022, we launched our award-winning Appfire Trust Center, offering our customers, partners, and prospects the latest security, privacy, and compliance information, including pre-completed questionnaires (CAIQ, SIG, and VSA) with an accelerated NDA process and just one EULA to cover it all.

Market recognition

Appfire has been consistently recognized for company growth, culture, corporate social responsibility, and product excellence and has been included among the Deloitte Technology Fast 500, Inc. Best Workplaces, BuiltIn Best Places to Work, and Inc. 5000. Learn more about our accomplishments, which would not be possible without our team members, partners, and customers: https://appfire.com/awards.

Read about Appfire's continuous growth and mission to equip and connect every team so they can plan and deliver their best work.

Equal Employment Opportunity (EEO)

Appfire is an equal opportunity employer and does not discriminate based on race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, veteran status, or any other protected characteristic as defined by applicable law. Our commitment extends to all employment practices, including recruitment, hiring, training, promotion, compensation, benefits, and termination.


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Appfire Technologies, LLC.’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.


If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Voluntary Self-Identification of Disability

Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.