Information Security Analyst

About the Role

As an Information Security Analyst, your core responsibility will be safeguarding customer and company data, protecting the company's reputation,and making vital decisions that are integral to shaping the state-of-the-art security posture for the business's future success.

This person should detect new threats, understand the risk assessment process, contribute in the action plan development and promote the progress of mitigation implementation and evolution. The position will cover security assessment activities, technical controls evaluation, risk assessments, management of clients requirements and internal awareness.

As a valuable member of our global Infosec Team, you will have the opportunity to collaborate with colleagues across the globe, fostering a dynamic and diverse work environment. Your role will involve working closely with stakeholders from various departments, forging strong partnerships to ensure the collective success of our information security initiatives.

Responsibilities:

• Assess and track security posture across platforms and systems, following up on remediation tasks to close gaps efficiently.
• Collaborate with stakeholders across technology, legal, and business units to integrate security requirements into projects, services, and vendor relationships.
• Perform regular assessments of technical environments to ensure compliance with internal policies and external standards.
• Identify and document risks associated with third-party vendors, cloud infrastructure, access management, and system configurations.
• Evaluate and recommend technologies that enhance our security and compliance posture (e.g., DLP, EDR, network segmentation, cloud security tools).
• Collaborate with the alignment to the global Information Security Management System (ISMS), based on ISO/IEC 27001:2022 and best practices from well known frameworks such as NIST.
• Maintain comprehensive documentation of security processes, audit reports, compliance controls, and risk assessments.
• Utilize tools and platforms to automate compliance checks and reporting across the environment.
• Stay current with industry trends, technologies, and regulatory changes, proactively suggesting enhancements to the security baseline.
• Contribute to security awareness programs and training efforts within the organization.
• Mentor and support colleagues to encourage growth and a strong security culture across teams.

Required Qualifications

• Bachelor's degree/advanced education in Computer Science, Cybersecurity, Computer or Systems Engineering or equivalent.
• Minimum of 4 years of experience in security.
• Solid understanding of core information security concepts, including confidentiality, integrity, and availability (CIA Triad).
• Solid understanding of technical concepts and security hardening practices in the following areas:
• Network architecture and segmentation
• Firewalls, IDS/IPS (Intrusion Detection/Prevention Systems)
• Encryption and Public Key Infrastructure (PKI)
• Endpoint protection and hardening (EDR, DLP)
• Operating system security (Windows, Linux, macOS)
• Databases
• Single Sign-On (SSO), SAML, and OIDC
• Role-Based Access Control (RBAC) and least privilege principles
• Cloud security hardening (AWS, Azure, GCP)
• Secure Software Development Lifecycle (S-SDLC)
• Patch management strategy and tooling
• Logging and monitoring
• API security and secure integrations
• Strong analytical and problem-solving skills, capable of diagnosing issues and implementing effective solutions.
• Ability to self-organize and plan activities with commitment towards results.
• Good communication and social skills.
• Upper Intermediate English level.

Preferred Qualifications:

• Certifications such as CISSP, CISM, CCSK, Security+, AWS Security Specialty, or similar.
• Experience designing or optimizing a compliance program across multiple business units or geographies.
• Familiarity with security automation platforms and compliance monitoring tools.
• Exposure to scripting or automation for reporting and process efficiency.
• Experience collaborating with third-party auditors, client security teams, or legal/compliance units.

##LI-MR1 #LI-Hybrid