Information Security Specialist

You will be responsible for building and maintaining a pragmatic and scalable security framework that protects organizational systems, supports compliance requirements, and enables secure adoption of AI tools across the business. You will lead key security operations while acting as a trusted partner to cross-functional teams in a distributed environment.

• Define and implement AI governance frameworks, including safe usage policies, risk assessments, and secure adoption guidelines.
• Own vulnerability management processes, including scanning, triage, remediation tracking, and reporting across systems and applications.
• Support compliance initiatives such as SOC 2 and ISO 27001, including audit preparation, evidence collection, and control monitoring.
• Lead incident response activities, including investigation, containment, documentation, and post-incident improvements.
• Manage and optimize security tooling such as SIEM, EDR, DLP, and identity/access management solutions.
• Conduct vendor and third-party risk assessments, including evaluation of SaaS and AI service providers.
• Develop clear, usable security policies, standards, and runbooks that support operational efficiency.
• Partner with engineering teams on application security practices, secure architecture, and penetration testing support.
• Drive security awareness programs, including training, phishing simulations, and AI literacy initiatives.
• Monitor emerging threats, especially AI-related risks, and translate insights into actionable recommendations.

Requirements

You are a pragmatic and solution-oriented security professional who understands how to balance protection with business enablement. You are comfortable working autonomously in a remote, fast-paced environment and have a strong interest in emerging technologies, especially AI and SaaS ecosystems.

• 4 years of experience in information security, cybersecurity, or a related technical field.
• Hands-on experience with compliance frameworks such as SOC 2 and ISO 27001.
• Strong understanding of cloud security (AWS, GCP, or similar), IAM, and endpoint protection.
• Experience working with security tools such as SIEM, EDR, DLP, and vulnerability scanners.
• Solid knowledge of incident response processes and operational security practices.
• Experience in SaaS or distributed/remote-first environments.
• Strong written and verbal communication skills, with the ability to simplify complex security concepts.
• Experience evaluating AI/ML tools for privacy and security risks is a strong plus.
• Familiarity with vendor risk management and third-party security assessments.
• Security certifications (CISSP, CISM, Security ) are a plus but not mandatory.

Benefits

• Competitive salary: $151,000 – $170,000 (or local equivalent, based on experience)
• Comprehensive health coverage including medical, dental, vision, and mental health support for employees and families
• 16 weeks of fully paid parental leave
• Unlimited paid time off
• Remote-first work environment with global flexibility
• Home office and wellness stipends
• Professional development budget for learning and certifications
• Inclusive, transparent, and collaborative company culture
• Opportunity to shape the security foundation of a scaling global SaaS platform
• Exposure to cutting-edge AI adoption and governance initiatives