Senior IT Security Analyst (Compliance)

As an Information Security and Business Continuity Management Specialist, you will be an integral part of our team responsible for ensuring the protection and availability of the company's assets. You will be responsible for supporting the design, implementation and maintenance of our information security management systems and business continuity management systems, as well as supporting the certification process for ISO 27001, ISO 22301 and the National Security Framework (ENS). 

Additionally, you will play a key role in supporting the incident response team, ensuring a swift and effective response to any information security incidents. You will be responsible for managing the complete lifecycle of incidents, from response to recovery, and conducting post-incident lessons learned meetings to extract valuable insights for continuous improvement. You will provide necessary guidance to mitigate impacts and minimize exposure to risks. 

This role presents an exciting opportunity to contribute to strengthening information security and business continuity within our organization, as well as to develop your skills in a dynamic and ever-evolving environment. 

 
Responsibilities: 

• Maintain and improve the Information Security Management System (ISMS) in accordance with ISO 27001 standards and National Security Framework (ENS) requirements. 

• Develop and execute action plans to ensure compliance with information security policies and procedures. 

• Oversee and maintain information security controls to protect company assets against internal and external threats. 

• Plan, implement, and test business continuity plans to ensure availability and rapid recovery of operations in case of disruptions. 

• Provide support the certification process for ISO 27001, ISO 22301, and the National Security Framework (ENS), including preparation of necessary documentation and coordination with external auditors. 

• Provide training to staff on information security and business continuity matters to promote a culture of security throughout the organization. 

• Provide support to the incident response team to manage the lifecycle of a security incident, including detection, analysis, containment, eradication and recovery. 

Requirements: 

• Bachelor’s degree in computer science, Information Systems, Information Security, or related field. 

• Demonstrated previous experience in implementing and managing information security management systems and business continuity management systems. 

• Deep knowledge of ISO 27001, ISO 22301, and the National Security Framework (ENS) standards. 

• Experience in coordinating and executing information security audits. 

• Excellent communication skills and ability to work effectively in a team environment. 

• Relevant certifications in information security (e.g., ISO 27001/22301 Foundation, Lead Implementer, CEH, Azure Security, CompTIA Security) are highly desirable. 

• Ability to adapt and work in a dynamic and ever-changing environment. 

Nice to have: 

• Bachelor's Degree.