Information Security Specialist
We are looking for an experienced individual to join our information and cyber security team and take point on our company security systems and compliance.
Help us govern information security through policies, and training, establish vendors' security assurance and advance our business toward security and privacy compliance licenses and audits.
What will you do:
- Responsible for our security awareness program, preparing general and team dedicated trainings, quizzes, and campaigns
- Take part in the company governance, regulations, and compliance efforts
- Recommend information security policies, standards, and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and taking part in the Cyber & Information security team, taking an active role in managing the security systems and procedures of the company
- Answer company prospects security questions and questionnaires supporting the company operations
- Handling our 3rd party risk assessment program, assessing our vendor's questionnaires, compliance, and their attack surface
- 3+ years of experience in an Information Security position in finance, technology, or consulting companies.
- Background and experience in information technology, engineering, or any other technological position.
- Experience with security & privacy standards and regulations such as SOC 1, SOC 2, ISO 27001, GDPR, CCPA, etc.
- Building security awareness program which includes digital and frontal training, testing campaigns, newsletters, etc.
- Meet company security compliance by conducting security internal audits, clients questionnaires, assessing cloud security vendors' compliance
- Strong social skills or very experienced with delivering in-person training
- People person, you connect to people fast, you are patient and empathic about your colleagues
- Autodidact, you have taught yourself much, you can learn on the fly and don’t necessarily need direction
- Willing to take ownership and responsibility for high impact responsibilities and projects, even when extreme effort, complex cross-team factors are necessary
Nice to have
- Industry security certifications, relevant security education or courses
- Hands-on experience with Cloud services; AWS