Job Purpose

We are looking for a Junior Information Security Specialist who will support the implementation of the organization’s Information Security Framework, ensuring compliance with Information Security and Regulatory Requirements. This person will also execute awareness initiatives for Information Security across the organization, maintaining and enhancing the Information Risk Management framework, assisting also in the Business Continuity Activities.
The role reports to the Chief Information Security Officer.

What you will do

• Perform Information Risk Management exercise and maintain information security risk, register and assist with internal and external audits relating to information security
• Maintain Information Security policies and procedures, applying best practices, standards and frameworks
• Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
• Perform Business Impact Analysis for the identification of all IT services and underlying IT components necessary to operate the identified critical business applications and
• Assist in performing IT Disaster recovery tests to ensure the effectiveness of recovery strategies and IT Disaster recovery plans
• Promote the information security strategy of organization to ensure the confidentiality, integrity, and availability of information assets
• Monitor metrics to ensure alignment of Information Security Management Framework
• Respond to user requests regarding Information Security issues
• Analyze IT requirements and provide objective advice on the use of IT security requirements
• Investigate security alerts and support the incident response process
• Participate in the change management process for the Information Security aspects
• Design and implement the information security awareness program
• Remain up to date on emerging threats and evolving security mechanisms and technologies

What you bring

• Experience in related fields such as IT
• Bachelor or Master degree in Computer Science, Information Systems or Information Security related fields
• High technical fluency in English language
• Ability to write clear and concise technical documentation
• Familiarity with common enterprise IT architectures
• Ability to work with Technical and Non-Technical business owners
• Ability to multi-task and change priorities with short notice
• Ability to maintain professionalism and always strive for high ethical standards
• Desire to self-educate on the ever-changing landscape of system vulnerabilities and exploits
• Relevant security certifications – ISC2 CC, CISSP, CISM, CISA, ISO27001 lead implementor/auditor will be considered a strong plus