Information Security Specialist

We are seeking a motivated and detail-oriented Information Security Specialist to support and enhance our cybersecurity posture. The successful candidate will work closely with the CISO and cross-functional teams to implement security controls, monitor threats, and ensure compliance with industry standards and regulatory requirements.

Key Responsibilities

• Monitor security events and alerts using security tools
• Investigate and respond to security incidents, including analysis, containment, and remediation
• Support incident response processes and post-incident reviews
• Assist in risk assessments, vulnerability management, and remediation tracking
• Support compliance initiatives aligned with frameworks such as ISO/IEC 27001, ISO 22301, ISO 9001, NIS2, GDPR, and other relevant standards
• Contribute to the development, implementation, and maintenance of security policies, procedures and standards
• Participate in secure system design and architecture reviews
• Prepare reports, dashboards, and metrics for the CISO and senior stakeholders
• Maintain accurate documentation related to security controls, incidents, and risk assessments
• Support internal and external audits
• Collaborate with IT, engineering, and other teams to integrate security best practices
• Promote security awareness across the organization
• Stay up to date with emerging threats, vulnerabilities, and industry trends
• Support the CISO in preparing and reviewing responses to client security inquiries, due diligence assessments, and RFPs, ensuring alignment with organizational security controls and compliance frameworks.

Required Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field
• 3–5 years of experience in information security or a related role
• Hands-on experience with security tools (SIEM, EDR, vulnerability scanners)
• Good understanding of networking, operating systems, and cloud environments
• Familiarity with security & risk management frameworks (e.g., ISO/IEC 27001, ISO 31000, NIST, CIS Controls)
• Experience with incident response and threat analysis

Preferred Qualifications

• Relevant industry certifications (e.g., Security+, CySA+, CEH, ISO 27001 Lead Implementer/Auditor)
• ISACA certifications are a plus (e.g., CISM, CISA)
• Experience in a cybersecurity company, MSSP, or SOC environment
• Knowledge of cloud security (AWS, Azure, or GCP)
• Basic scripting or automation skills (Python, Bash, or similar)
• Understanding of threat intelligence concepts and frameworks (e.g. MITRE ATT&CK)

Key Competencies

• Strong analytical and problem-solving skills
• Ability to communicate technical concepts to non-technical stakeholders
• Attention to detail and structured thinking
• Proactive mindset with a willingness to learn
• Ability to work under pressure and manage multiple priorities

Benefits

• Competitive salary and performance-based bonuses
• Professional development opportunities and certifications
• Flexible work schedule and semi-remote work options
• Collaborative and innovative work environment