Information Security Compliance Specialist

Binalyze

IT, Legal
Posted on Feb 18, 2025

Location: Remote - Estonia, Turkey, UK

Team: Operations

The Information Security Compliance Specialist ensures that Binalyze’s Information Security Management System (ISMS) and Business Continuity Management System (BCMS), including its systems, processes, and procedures, comply with internal policies and external regulatory requirements. The role must maintain a strong knowledge of industry standards and best practices related to information security, compliance, and risk management. The role collaborates with various teams, including engineering, finance, sales, marketing and people, to ensure that information security practices are aligned with company goals and integrated into business operations. The specialist coordinates with external auditors to assess compliance with applicable regulations and provides subject matter expertise to the other teams for projecting Binalyze’s information security practices to external parties and partners.

+ What you’ll do

  • Develop and maintain information security policies, procedures, and guidelines in accordance with industry standards and regulatory requirements.
  • Supervise (monitor, assess and communicate) Binalyze’s information security risk management system.
  • Collaborate with the information security team to implement and maintain effective security controls, including secure coding, threat hunting, incident response, system monitoring, and business continuity, and participate in incident response activities.
  • Conduct security assessments and audits to ensure compliance with applicable regulations, such as ISO 27001, ISO 22301, ISO 27701, SOC 2, and GDPR.
  • Serve as a liaison with external auditors and regulators to provide evidence of compliance and facilitate audits and assessments.
  • Develop, implement, and maintain a comprehensive risk management framework to identify, assess, and mitigate information security and business continuity risks, ensuring that risks are communicated effectively across the organization and addressed in a timely manner.
  • Develop and deliver information security training and awareness programs to educate employees on information security policies and procedures.
  • Stay up-to-date on the latest information security trends, technologies, and best practices, as well as relevant regulations and laws, and provide recommendations for improving the organisation’s security and compliance posture.
  • Manage and supervise Binalyze’s GRC tool and ISMS/BCMS documentation.
  • Ensure alignment between information security controls and business continuity measures, ensuring that both disciplines work together to protect critical assets and ensure operational resilience.

+ Education and Experience

  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • Experience in IT security and compliance, including experience with regulatory compliance frameworks such as ISO 27001, ISO 27701, ISO 22301, SOC 2, GDPR and NIST 800-53.
  • Strong knowledge of information security and business continuity principles, practices, and technologies, including network security, access controls, cryptography, and security operations.
  • Strong understanding of ISMS/BCMS documentation.
  • Professional proficiency in English.
  • Experience with security assessments, business continuity tests, audits, and compliance reporting.
  • Related professional certifications such as CISA, ISO/IEC 27001 Lead Auditor, ISO 22301 Lead Implementer, GSEC, and CompTIA Security are preferred.

+ Skills & Behaviours

Skills:

  • Technical Skills:
    • In-depth understanding of information security and business continuity controls and compliance requirements.
    • Proficient in managing GRC tools such as Drata and ISMS/BCMS documentation.
    • Skilled in conducting audits and assessments for both security and business continuity.
  • Communication:
    • Excellent communication skills with the ability to collaborate with various teams and communicate technical information to non-technical stakeholders in English.
    • Ability to clearly explain complex technical concepts related to both information security and business continuity.
  • Strategic thinking:
    • Strategic thinking to align security and continuity practices with business goals.
    • Analytical skills to assess and mitigate security and continuity risks. Strong analytical and problem-solving skills, with the ability to assess and mitigate security risks and vulnerabilities.
  • Data-driven:
    • Ability to use metrics, risk assessments, and compliance data to inform security and business continuity strategies.
  • Project management:
    • Experience leading projects to enhance both security frameworks and business continuity strategies.

Behaviours:

  • Adaptability: Able to respond to both security incidents and business continuity challenges in real time.
  • Empathy: Understands the needs of diverse teams while balancing security and continuity demands.
  • Initiative: Proactive in identifying risks related to both information security and business continuity.
  • Resilience: Able to maintain focus and effectiveness under pressure during security incidents or business disruptions.
  • Collaboration: Works closely with all teams to ensure alignment between security controls and continuity measures.
  • Growth Mindset: Committed to continuous learning and improvement in both fields.
  • Remote Working: Demonstrates strong self-management skills for effective remote collaboration.

+ What we offer

  • 28 days holiday allowance + wellbeing days + birthday off!
  • Private medical insurance for you and your family.
  • A supportive and collaborative team that's as passionate as you are.
  • Home office setup support.
  • Great opportunities for growth and development.
  • Entertainment allowance - Netflix / Spotify.
  • Healthy living allowance - Gym membership.

+ Join Us:
If you're ready to take the lead as the driving force redefining the DFIR industry, we want to hear from you.

+ Diversity and Inclusion:
We are committed to diversity and inclusion, and we encourage candidates from all backgrounds to apply.