IT Security Associate

Company Description

Work smart, have fun and make an impact!

EcoVadis is the leading provider of business sustainability ratings.

Our solutions are backed by an international team of experts and powerful technology. We analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.

Why apply to EcoVadis?

Be a part of the global sustainability change in business. Grow your career. Work with extraordinary people. Feel valued for your contribution.

Learn more about our team and culture on EcoVadis careers page

If you have questions about the company or open roles you can Chat with an insider

Job Description

Our IT Security team is seeking an IT Security Senior Associate to lead the security operations practices in our company, and bring forth security expertise in a fast-growing team. You will be the main point of contact for the alignment and provide hands-on collaboration in all areas of IT Security, ensuring that we deliver an outstanding service to our internal and external customers and stakeholders. 

As the IT Security Senior Associate, you will become the main point of contact and coordinator for the remediation of any improvement areas, as well as the ‘face’ of our team towards our Sales and Customer Solutions’ teams. Also, your knowledge and willingness to learn on new security trends and technologies will be of great value to our company, while identifying efficiency and automation opportunities.

This role, reporting directly to the IT Security Director, will include the following responsibilities:

• Define and conduct security reviews (technical and compliance checks) of our network, systems and platforms, and track the remediation of any identified gaps;
• Coordinate and organize evidence gathering for certification testing and audits;
• Delineate and execute a control testing strategy to comply with internal IT Security framework compliance, standards, and other applicable regulations;
• Establish and collaborate in the creation and maintenance of security guidelines for multiple technologies (e.g. SASE solutions, security baselines, etc.);
• Perform security reviews on SaaS applications used internally, and establish a formal process of application sanctioning and periodic review;
• Manage and lead improvements in the resiliency of non-cloud environments and operations (DRP, Backups, Domains, Incident Response);
• Maintain the security posture of our external surface, and manage issue remediations as necessary;
• Ensure proper documentation, configuration and operation of our security protective measures, and ensure that necessary fixes are planned and executed;
• Develop reports, dashboards and other mechanisms to report on project tracking, remediation progress, and other domains that require continuous follow-up;
• Promote an IT Security culture, and collaborate with the team in the creation of articles, FAQs, and documentation related to security awareness and training;
• Active support on security questionnaires, contract reviews and client meetings;
• Advocate for continuous improvement and automation wherever possible;
• Assist with other organization security projects and tasks as required.

Qualifications

• 3+ years of experience in a similar role in a relevant software or internet service industry;
• Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field;
• Strong experience in designing and implementing security guidelines and mechanisms to check adherence to such standards; 
• Experience in conducting manual and/or automatic security compliance reviews;
• Good knowledge of IT Security frameworks (e.g. ISO 27001, NIST CSF, etc.);
• Managing and prioritizing multiple tasks in accordance with high level objectives;
• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication and security protocols;
• Experience with engaging external stakeholders (e.g. clients) regarding security protection methods, and agreeing on contractual clauses;
• Educated in the creation of reports and dashboards for different technical and executive stakeholders;
• Ability to conduct research about areas unknown to him/her, and use that knowledge to deliver security guidelines and propose improvements;
• Capacity to be organized and efficient handling diverse tasks simultaneously;
• Open to work in an international, multilingual environment;
• Proficient in English (oral and written);
• Hands-on experience with Google Workspace is a plus.

Additional Information

Our growing team in Spain is full of talented professionals from various fields who all share a desire to make sustainability real. We offer competitive salaries and support personal growth from day one.

This includes extensive onboarding, teammates' support and a brand-new e-learning platform bursting with courses and modules. So you can learn new skills and fine-tune old ones!

In return for your expertise and energy, we offer:

Working organization benefits:

• Casual and very friendly work environment
• Hybrid work organization (from the office or from home)
• Flexible working hours
• Home office allowance program
• IT equipment allowance
• Working from anywhere policy
• Opportunity to work in a truly international atmosphere

Compensation benefits:

• Base salary + variable compensation plan
• GRSP and TFSA matching program available
• Meals and Transportation Vouchers (Cobee card)

Wellness and Healthcare benefits:

• Health, Wellness, and Dental Benefits
• Life Insurance, Critical Illness, Accidental death, long-term disability insurance
• Free virtual Yoga/Pilates

More:

• Employee referral bonus policy
• Paid employee volunteer day
• Paid moving day ( 1/year)
• Access to online learning library
• Virtual and in-person team building events
• Co-working space with various services + opportunity to work in different locations (Europe and International)

Our hiring team looks forward to reviewing your CV, in English, with a guaranteed response to every application. A new job with purpose awaits you!

Don’t fit all the criteria but still think you’d be a good candidate? Please apply anyway to give our hiring team the opportunity to assess your skills and to learn more about what you could bring to EcoVadis. We’re interested in hiring capable people, regardless of professional and educational background.

Can the hiring process be adjusted to suit my needs? Yes. We want everyone going through the hiring process with EcoVadis to feel confident that you are able to demonstrate your full potential. We welcome applications from disabled people, people with long-term health conditions, and neurodiverse candidates. If you need any adjustments, including the provision of interview questions, please let the hiring team know.

Our team’s strength comes from everyone’s uniqueness and is founded upon mutual respect. EcoVadis commits to equity, inclusion and reducing bias in our hiring processes. EcoVadis does not accept any form of discrimination based on color, national or ethnic origin, ancestry, citizenship, religion, beliefs, age, sex, gender identity, sexual orientation, neurodiversity, disability, parental status, or any other protected characteristic that makes you unique. In your application, we encourage you to remove personal information such as: photographs, marital status, number of children, religion, gender, residential postal code, university graduation date, past medical or parental leave(s) taken, nationality (instead, please state if you are legally eligible to work in the job region/country), university name (instead, please state any degrees obtained and the study major)