Perform information security governance and risk management activities across IT systems, data, and business processes
Conduct system and data classification, business impact analysis (BIA), risk assessments, and IT security audits
Support continuity planning and disaster recovery initiatives to ensure business resilience
Develop, review, and maintain information security policies, standards, and procedures in compliance with applicable laws and regulations
Ensure effective security controls and compliance over customer information, financial data, and business transactions
Monitor and support compliance with global and local regulatory requirements and security frameworks
Drive security awareness initiatives, including communication and training across the organization
Act as a steward and advocate for information security best practices within the company
Present and communicate security programs, risks, and compliance status to stakeholders across teams and divisions
Collaborate with cross-functional teams to strengthen and continuously improve the company's information security program
Stay up to date with current information security trends, threats, and regulatory changes
Requirements:
Bachelor's degree in Computer Science, Information Systems, or a related field
4 years of experience in information security, IT risk, compliance, or a related role
Solid understanding of information security risk concepts (threats, vulnerabilities, impacts)
Familiarity with at least one information security framework or regulation (e.g. ISO 27001, NIST, COBIT, PCI DSS, GDPR, or local regulations)
Ability to work independently and collaborate with cross-functional teams
Good prioritization and time-management skills
Clear written and verbal communication skills
Strong sense of responsibility, integrity, and confidentiality
Willingness to learn and stay updated on information security practices