Security Analyst (#333)

We are seeking an experienced Information Security Specialist to join our global team and contribute to the development, implementation, and enforcement of security controls and policies across our European and Asian operations. In this role, you will be responsible for leading security initiatives, ensuring compliance with industry standards and regulations, and conducting risk assessments to safeguard critical information assets. You will collaborate with cross-functional teams and external partners, overseeing projects related to security operations, audits, and regulatory requirements. Additionally, you will play a key role in providing advisory services on security best practices and risk management across various business units. Frequent travel for on-site security assessments at various company locations may be required.

Key Responsibilities:

• Security System Promotion: Drive continuous improvement of security protocols in alignment with ISO 27001 (PDCA cycle), create and update security policies and manuals, and conduct security assessments at offices and related facilities (occasional business trips).
• Risk Assessment: Perform risk evaluations on information assets (systems and data), assess security exceptions and follow up on mitigation plans, and evaluate external vendors’ security practices (including on-site visits).
• Assurance Activities: Conduct independent evaluations of governance, risk management, and control processes. Develop and follow up on improvement plans based on audit results, and provide local support for group assurance activities.
• Advisory Support: Identify security challenges and provide expert advice on appropriate measures and solutions.
• Group Collaboration: Work closely with the European headquarters on security initiatives through email, chat, and regular weekly meetings.

Qualifications:

• Professional Experience: Minimum of 3 years of experience in information security, internal auditing, or as a consultant in an audit firm.
• Education: A bachelor’s degree in Information Security, Computer Science, or a related field is preferred.
• Certifications: Preferred certifications include CISA, CISM, CRISC, CISSP, or CCSP. Experience with ISMS, Privacy Mark, PCI-DSS, and other security standards is a plus.

Skills & Requirements:

• Technical Knowledge: Strong understanding of security frameworks and industry standards such as ISO 27001, NIST, OWASP, and PCI-DSS.
• Problem-Solving: Ability to proactively identify security challenges and provide actionable solutions.
• Team Collaboration: A cooperative mindset with the ability to work well within cross-functional teams and with global stakeholders.
• Adaptability: Willingness to travel for on-site visits and adapt to a fast-paced, dynamic work environment.
  
  If you are passionate about information security and are looking for an opportunity to lead security efforts in a global setting, we would love to hear from you!