Responsibilities
- Monitor and analyze security events using SIEM reports and other security tools.
- Support incident response activities, including triage, investigation, evidence collection, and root cause analysis.
- Perform access management activities, including periodic access reviews and entitlement validation.
- Support vulnerability management by tracking findings, remediation progress, and risk acceptance.
- Prepare and maintain security metrics, KPIs, reports, risk registers, and remediation logs.
- Support audit readiness and evidence collection for ISO 27001/17/18, SOC 2, GDPR, HIPAA, and other relevant frameworks.
- Assist with maintaining security policies, procedures, standards, and control documentation.
- Support third-party vendor security reviews and track vendor risk documentation.
- Collaborate with IT, engineering, compliance, and business teams on security-related topics.
Requirements
- 1+ years of experience in information security, cybersecurity, IT, compliance, audit, risk management, or a related field.
- Hands-on experience in a Security Analyst or similar cybersecurity role.
- Understanding of IAM, access reviews, vulnerability management, and incident response.
- Exposure to cloud security, endpoint security, cloud IAM models, and networking fundamentals.
- Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST CSF, CIS Controls, or GDPR.
- Experience working with security documentation, policies, procedures, audit evidence, and compliance reviews.
- Ability to analyze security data, trends, and metrics and communicate findings clearly.
- Strong analytical, organizational, and problem-solving skills with high attention to detail.
- Experience with tools such as SharePoint, Microsoft 365, ticketing tools, document repositories, or collaboration platforms.
Nice to Have
- Security, privacy, or audit-related certifications completed or in progress, such as Security+, ISO 27001 Foundation, CCSK, or CISA.
- Background in supporting BCP/DRP testing or tabletop exercises.
- Practical exposure to audits, compliance reviews, or vendor assessments.
- Familiarity with SOAR tools or incident response automation.
- Scripting or automation skills with Python, PowerShell, or Bash.
- Exposure to SaaS, cloud, CRM, or enterprise software environments.
Work Arrangement
Remote (Worldwide)
Additional Information
- Flexible work arrangements are provided.
- Initiatives to support employee wellbeing and effective schedule management are in place.
- Culture celebrates achievements and values employee ideas.
- Company embraces new ideas, modern technologies, and bold thinking.
- Competitive compensation and benefits package is provided.
- Rewards approach includes recognition beyond salary.
- Benefits and rewards may vary depending on country of residence and employment type.