Role Overview:

The Information Security Specialist is responsible for ensuring governance compliance, implementing cybersecurity controls, and safeguarding IT assets across the organization. The role focuses on protecting the confidentiality, integrity, and availability of data and IT services, while aligning with global security standards and KPIs.

Key Responsibilities:

• Enforce compliance with cybersecurity regulations, policies, and governance processes.

• Assess and improve security controls using Global Cyber Security Goals and KPIs.

• Conduct vulnerability assessments and identify potential threats or weaknesses in applications and services.

• Develop and test security measures to prevent unauthorized access, modification, or data loss.

• Lead efforts in IAM (Identity and Access Management), including SSO, MFA, and PAM integrations.

• Support data classification, cloud security, and application recovery processes.

• Coordinate and respond to security incidents, including root cause analysis and remediation.

• Advise on and implement security measures throughout the SDLC with quality gates.

• Evaluate and recommend technologies and best practices to strengthen the organization’s security posture.

Required Skills & Experience:

• 7+ years of professional experience in IT security, governance, and compliance.

• Deep understanding of IAM frameworks, security policies, and IT standards.

• Strong knowledge of firewalls, encryption, authentication/authorization, and secure system design.

• Familiarity with frameworks and methodologies such as NIST, OWASP, OSSTMM.

• Experience in incident, problem, and change management processes.

• Practical experience with DevSecOps and embedding security into development workflows.

• Proven ability to manage stakeholders and lead cross-functional security initiatives.

• Understanding of threats, risks, and modern security control mechanisms.

• Experience in implementing security measures for cloud and on-premises environments.

Preferred Certifications:

• CISSP (Certified Information Systems Security Professional)

• CCSP (Certified Cloud Security Professional)

• IAM-related certifications (e.g., Okta, CyberArk, Azure AD, or Ping Identity)

Core Competency:

Information Security Management (ISM) and Process Orientation for Cybersecurity Governance