Do you want to craft the direction of Aircall Information Security and drive continuous development and improvement of security frameworks? Then we have the challenge for you!
As an Information Security Analyst, your mission will be to help the organization manage the risks associated with information security and compliance. This includes setting requirements and controlling compliance as well as advising and educating the organization. This full-time position will report to the Information Security and Compliance Manager.
Your mission @Aircall:
· Manage gap analysis, compliance readiness, and compliance monitoring activities for ISO/IEC 27001 and other regulatory or contractual security audits (i.e., PCI-DSS, SOC2, etc.)
· Assess 3rd Party information security and compliance posture to ensure compliance with Aircall guidelines and industry leading practices.
· Manage the internal and external ISMS audit processes and audit plan.
· Present Audit findings to various stakeholders and levels throughout the organization.
· Partner with business and third parties to suggest/recommend potential mitigation solutions for risk areas.
· Identify and implement coordinated responses to information security audit and compliance issues.
· Manage and coordinate the creation, documentation, and update of Security policies.
· Work closely with and collaborate with other security organizations, e.g. IT Security and Engineering Security
A little bit more about you:
- You have at least 5+ years of experience in Information Security.
- Experience building compliance certification programs, such as ISO 27001.
- Experience in managing information security audits.
- Experienced in defining information security policies and security related processes and procedures·
- Good Knowledge of ISO Standard ISO27000, SOC2 and PCI DSS.
- Ability to work efficiently with minimal oversight/direction remotely·
- An ability to work on several tasks simultaneously.
Nice to have:
- Recognized IS qualification like ISO27001 Lead Auditor or Lead Implementer.
- Relevant Information Security certifications (CRISC, CISSP, CISM, CISA, CCSK)·
- Knowledgeable on security aspects of AWS Cloud ·
- Experience Startup environment and Telco industry.