IT Security Specialist

We're looking for a mid-level IT Security Specialist to help strengthen and scale our ISO 27001 and SOC 1/SOC 2–aligned Information Security Management System (ISMS). You'll partner with IT and business teams to improve compliance, governance, risk management, and audit-ready documentation.

What you'll do

• Maintain and improve ISMS documentation (policies, standards, procedures, control library, SoA).
• Support internal/external audits: prepare evidence, coordinate stakeholders, track findings to closure.
• Run risk activities: risk assessments, risk register updates, treatment plans, and exception management.
• Assist SOC alignment by mapping controls, validating control design, and supporting operating effectiveness reviews.
• Produce clear GRC deliverables: governance reporting, KPIs/KRIs, meeting packs, and compliance updates.
• Support third-party/vendor security reviews and documentation of security requirements.