Information Security Compliance Analyst
Media.MonksWe’re Media.Monks – global content, data, and media powerhouse. Our solution is simple and singular: Disrupting the industry, driven by
This position is intended to be involved in the implementation and improvement of administrative and technical controls of the company's Information Security Management System. This person should understand the risk assessment process to detect new threats, contribute in the action plan development and promote the progress of control implementation and evolution. The position will cover compliance activities, third parties risk assessments, management of clients requirements, internal awareness and technical controls evaluation.
In this role you will:
- Lead the implementation of the global ISMS (based on ISO27001) over new scopes.
- Evaluate the compliance status of processes and technology implementations and plan actions to align to the security framework.
- Identify risk related to information security in the technical environment, the relationships with third parties or any component of the company's operations.
- Understand about technical and administrative controls in the different areas: networking, operations, access management, SSDLC, cloud security, end-point protection, physical security, third party risk assessment, organization security and legal compliance.
- Act as a point of contact for third parties questions regarding information security.
- Analyze clients requirements regarding information security and evaluate their accuracy. Follow up the actions needed to comply with those requirements.
- Identify security threats and risks over processes, conducts, technology and context which may affect the information confidentiality, integrity or availability..
- Assist in the definition and construction of security measures to lower the risks identified.
- Solve low complex issues independently with minimum supervision and escalate more complex issues to accurate staff.
- Contribute in the development of awareness material and the process of delivery and measurement.
- Perform routine activities to ensure compliance with security frameworks and legislation.
- Investigate on technologies that could improve the security baseline and the compliance (e.g. DLP, end-point protection, network security, security and vulnerabilities assessment).
- Bachelor's degree in Computer Science, Computer or Systems Engineering or equivalent.
- Minimum of 3 years of experience in related positions.
- Solid knowledge of security on networking, cloud, infrastructure configuration, end-point protection and SDLC.
- Knowledge of the standard ISO 27001/2.
- English fluent (written and oral)
- Excellent communication and social skills.
- Ability to confidently present findings to those with either a technical or non-technical background.
- Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
- Ability to self-organize and plan activities with commitment towards results.
- Ready to learn new contents both from others or self-learned.
- Passionate about self-improvement and suggesting improvements to processes or activities.
- +1 year of experience in Security Risk Management, Information Security, Security controls or Security/IT Audit
- Information Security Certification (e.g. CISSP, Comptia Sec, CISM, CRISC, etc)
- ISO27001 Lead Implementer/Auditor
Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.
At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.
We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Staff Security Engineer jobs
- Open Head of Information Security jobs
- Open Lead Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Cloud Security Automation Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Cloud Security Operations Lead jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open CEH-related jobs
- Open Encryption-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Open Source-related jobs
- Open Threat detection-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Machine Learning-related jobs
- Open DevSecOps-related jobs