Information Security Compliance Specialist

About the role

We are looking for an Information Security Compliance Specialist to protect customer and company data, shape our security posture, and ensure compliance with internal policies and external standards. The role sits within our global Infosec team and works closely with technology, legal and business stakeholders to embed security across projects and services.

Key responsibilities

• Assess and track the security posture of platforms and systems, driving remediation of identified gaps.
• Collaborate with technology, legal and business units to integrate security requirements into projects, services and vendor relationships.
• Perform regular technical assessments to verify compliance with internal policies, ISO/IEC 27001:2022 and relevant frameworks such as NIST.
• Identify, document and mitigate risks related to third‑party vendors, cloud infrastructure, access management and system configurations.
• Evaluate and recommend security technologies (e.g., DLP, EDR, network segmentation, cloud security tools) to enhance the compliance posture.
• Maintain comprehensive documentation, audit reports, compliance controls and risk assessments.
• Automate compliance checks and reporting using appropriate tools and platforms.
• Stay current with industry trends, regulatory changes and proactively suggest security improvements.
• Contribute to security awareness programs and mentor colleagues to foster a strong security culture.

Required profile

• Bachelor’s degree or higher in Computer Science, Cybersecurity or a related field.
• Proven experience in information security, risk assessment and compliance activities.
• Strong understanding of ISO/IEC 27001, NIST and other security frameworks.
• Ability to work collaboratively with cross‑functional teams in a global environment.

Required skills

• Data Loss Prevention (DLP)
• Endpoint Detection and Response (EDR)
• Network segmentation
• Cloud security tools
• ISO/IEC 27001 implementation
• NIST framework knowledge
• Risk assessment and security assessment methodologies
• Compliance automation tools