Senior Security Analyst/Engineer

Senior Security Analyst / Engineer (Remote or Hybrid)

We are hiring a Senior Security Analyst / Engineer for an innovative AI company. You will manage and enhance the Information Security Management System (ISMS) and ensure compliance with ISO 27001 standards while driving automation and building a strong security culture.

Your Responsibilities:

• Manage and maintain the ISMS framework in line with ISO 27001 (2022) standards.
• Prepare for and support internal and external audits, maintaining compliance documentation.
• Conduct regular risk assessments, maintain the risk register, and implement mitigation strategies.
• Automate compliance and security processes using scripting languages like Python or PowerShell.
• Develop, update, and manage security policies and procedures.
• Lead security training and awareness programs across the company.
• Collaborate with DevOps, Legal, QA, and Product teams to embed security into operations.
• Stay informed about industry best practices, regulatory changes, and emerging security risks.

Our Tech Environment:

• Cloud Platforms: GCP, AWS

• Tools: Jira, GRC automation tools

• Scripting: Python, PowerShell

You Bring:

• Strong background in Information Security, Compliance, and Risk Management

• Hands-on experience with ISO 27001, GDPR, SOC 2 standards

• Audit experience including evidence collection and compliance reporting
• Ability to automate compliance tasks and streamline workflows
• Excellent communication skills across technical and non-technical teams
• Proactive, self-driven attitude with a focus on continuous improvement

Bonus:

• Experience with GRC tools for automation and evidence management

• Knowledge of public cloud security controls (GCP, AWS)

• Certifications like ISO 27001 Lead Auditor, CISM, or CISSP

• Experience with ticketing automation for compliance tracking

Note:

Even if you don't meet every requirement, we encourage you to apply. We often have other roles that could match your skills.