Information Security Analyst

About the role

As an Information Security Analyst, your core responsibility will be safeguarding customer and company data, protecting the company's reputation, and making vital decisions that are integral to shaping the state-of-the-art security posture for the business's future success. This person should detect new threats, understand the risk assessment process, contribute to the action plan development, and promote the progress of mitigation implementation and evolution. The position will cover security assessment activities, technical controls evaluation, risk assessments, management of clients' requirements, and internal awareness. As a valuable member of our global Infosec Team, you will have the opportunity to collaborate with colleagues across the globe, fostering a dynamic and diverse work environment. Your role will involve working closely with stakeholders from various departments, forging strong partnerships to ensure the collective success of our information security initiatives.

Responsibilities

• Assess and track security posture across platforms and systems, following up on remediation tasks to close gaps efficiently.
• Collaborate with stakeholders across technology, legal, and business units to integrate security requirements into projects, services, and vendor relationships.
• Perform regular assessments of technical environments to ensure compliance with internal policies and external standards.
• Identify and document risks associated with third-party vendors, cloud infrastructure, access management, and system configurations.
• Evaluate and recommend technologies that enhance our security and compliance posture (e.g., DLP, EDR, network segmentation, cloud security tools).
• Collaborate with the alignment to the global Information Security Management System (ISMS), based on ISO/IEC 27001:2022 and best practices from well-known frameworks such as NIST.
• Maintain comprehensive documentation of security processes, audit reports, compliance controls, and risk assessments.
• Utilize tools and platforms to automate compliance checks and reporting across the environment.
• Stay current with industry trends, technologies, and regulatory changes, proactively suggesting enhancements to the security baseline.
• Contribute to security awareness programs and training efforts within the organisation.
• Mentor and support colleagues to encourage growth and a strong security culture across teams.
• About You
• The essentials:
• Bachelor's degree/advanced education in Computer Science, Cybersecurity, Computer or Systems Engineering or equivalent.
• Minimum of 4 years of experience in security.
• Solid understanding of core information security concepts, including confidentiality, integrity, and availability (CIA Triad).
• Solid understanding of technical concepts and security hardening practices in the following areas:
• Network architecture and segmentation
• Firewalls, IDS/IPS (Intrusion Detection/Prevention Systems)
• Encryption and Public Key Infrastructure (PKI)
• Endpoint protection and hardening (EDR, DLP)
• Operating system security (Windows, Linux, macOS)
• Databases
• Single Sign-On (SSO), SAML, and OIDC
• Role-Based Access Control (RBAC) and least privilege principles
• Cloud security hardening (AWS, Azure, GCP)
• Secure Software Development Lifecycle (S-SDLC)
• Patch management strategy and tooling
• Logging and monitoring
• API security and secure integrations
• Strong analytical and problem-solving skills, capable of diagnosing issues and implementing effective solutions.
• Ability to self-organize and plan activities with commitment towards results.
• Good communication and social skills.
• Upper Intermediate English level.
• Not a must, but a plus:
• Certifications such as CISSP, CISM, CCSK, Security+, AWS Security Specialty, or similar.
• Experience designing or optimizing a compliance program across multiple business units or geographies.
• Familiarity with security automation platforms and compliance monitoring tools.
• Exposure to scripting or automation for reporting and process efficiency.
• Experience collaborating with third-party auditors, client security teams, or legal/compliance units.

Benefits

Additional Information

Please note that we will never request payment or bank account information at any stage of the recruitment process. As we continue to grow our teams, we urge you to be cautious of fraudulent job postings or recruitment activities that misuse our company name and information. Please protect your personal information during any recruitment process. While Monks may contact potential candidates via LinkedIn, all applications must be submitted through our official website ( monks.com/careers ).

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at monks? Share your experience