Information Security Specialist - CDMX

As Information Security Specialist, you will work with the different areas of the organization to guide and support the implementation of the ISMS and monitor the effectiveness of the security program. You will work closely with Infrastructure, Legal, Regulatory and Finance teams to ensure the company follows the internal procedures properly, complying with applicable laws and regulations, especially working in cybersecurity risk management and compliance activities. The Information Security Specialist must ensure that policies and procedures are met by the company and implement controls to mitigate the risks and gaps identified. You will work with external agencies and authorities as necessary to ensure the organization maintains a strong security posture. You will also define and launch training and awareness programs for the organization.

Your impact:

• Support and coordinate the implementation of an information security management system based on widely supported frameworks (ISO 27001, ITIL and NIST).
• Analyze existing security systems and make recommendations for changes or improvements.
• Identify, assess and treat risks according to the company’s Risk Management methodology.
• Support in security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
• Execute security assessments on people, systems, applications and infrastructure.
• Collaborate with external agencies and authorities as necessary to ensure the organization maintains a strong security posture and ensure compliance with applicable laws and regulations.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
• Prepare reports and action plans on the security projects and incidents.
• Document processes and procedures according to the established policies.
• Maintain and participate in Vendor Risk Management processes.
• Collaborate with internal and external audits to ensure the organization is in compliance with information security requirements.
• Develop and maintain an inventory of the organization's information assets

Who you are:

• 4+ years of experience in any security related role.
• Implementation of information security management systems.
• Strong knowledge of security frameworks (ISO27001, NIST, PCI-DSS) .
• Strong understanding of several security domains (access control, cryptography, secure development, network, operations).
• Compliance and audit.
• Risk assessment and mitigation plans.
• Incident response and disaster recovery procedures.
• Implementation of security tools and solutions.
• Vendor Risk Management
• Excellent written and verbal communication skills.
• English language proficiency. 

#LI-Remote 

About Bitso:

Bitso is Latin America’s leading cryptocurrency platform. Our goal is to evolve how we think about and use money. We believe that we should all have the opportunity to use our money whenever we want it, and how we want it, without boundaries or schedules. To achieve this, we provide individuals with fast, cheap, seamless and user-friendly financial services powered by blockchain technology. 

Cryptocurrencies do not rely on intermediaries to give them legitimacy or value. Instead, they are valuable because of the peer-to-peer technology that powers them. We firmly believe in crypto and the use cases it has. It’s time for the world to upgrade to a fair, open, transparent, and global financial system for all. #makecryptouseful. 

Visit us at https://bitso.com/ 

Bitso promotes an environment where people are treated fairly and with respect, free of discrimination, bullying, harassment, violence or threats. 

Please visit: https://bitso.com/legal/GI/terms to see our privacy policy.

• Purpose: You’ll be part of something bigger, working towards financial disruption and inclusion across Latin America.
• Culture: You’ll work in a thriving, friendly, and fun environment that promotes open discussions, jokes, learning, video games, and lots of fun.
• People: You’ll work with some of the most driven and intelligent people in the crypto space, engaging with a network of diverse talent from 25+ nationalities bound by our quest to #makecryptouseful.
• Salary: We pay competitively in the countries where we operate.
• Venue: Work from wherever you want, work asynchronously; this role is fully remote to give you maximum freedom.
• Unlimited Paid Time-Off:  You choose your number of days off. Recharge batteries and enjoy who you are outside the office
• Employee Stock Option Plan: we want our team members to be owners of the company. Therefore, as we all together crave for the success of our business, you will be eligible to participate in our stock option plan!

• This role is expected to work remotely.
• These are the applicable requisites, although equivalent competencies in any of the above will also be considered.