IT Security Associate

Description du poste:

Company Description:

Work smart, have fun and make an impact!
Our purpose is to guide all companies toward a sustainable world. (COMPANY NAME) is the leading provider of business sustainability ratings. Our solutions are backed by an international team of experts and powerful technology. We analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.
Why apply to (COMPANY NAME)?
Be a part of the global sustainability change in business. Grow your career. Work with extraordinary people. Feel valued for your contribution.
Learn more about our team and culture on (COMPANY NAME) careers page
If you have questions about the company or open roles you can Chat with an insider

Job Description:

Our IT Security team is seeking an IT Security Associate to coordinate and support security operations practices in our company, and bring forth security expertise in a fast-growing team. You will be the main point of contact for the alignment and provide hands-on collaboration in all areas of IT Security, ensuring that we deliver an outstanding service to our internal and external customers and stakeholders.
As the IT Security Associate, you will become the main point of contact and coordinator for the remediation of any improvement areas, as well as the 'face' of our team towards our Sales and Customer Solutions' teams. Also, your knowledge and willingness to learn on new security trends and technologies will be of great value to our company, while identifying efficiency and automation opportunities.
This role, reporting directly to the IT Security Director, will include the following responsibilities:
* Active support on security questionnaires, contract reviews and client meetings.
* Define and conduct security reviews (technical and compliance checks) of our network, systems and platforms, and track the remediation of any identified gaps.
* Coordinate and organize evidence gathering for certification testing and audits.
* Delineate and execute a control testing strategy to comply with internal IT Security framework compliance, standards, and other applicable regulations.
* Establish and collaborate in the creation and maintenance of security guidelines for multiple technologies (e.g. SASE solutions, security baselines, etc.)
* Perform security reviews on SaaS applications used internally, and establish a formal process of application sanctioning and periodic review.
* Manage and lead improvements in the resiliency of non-cloud environments and operations (DRP, Backups, Domains, Incident Response).
* Maintain the security posture of our external surface, and manage issue remediations as necessary.
* Ensure proper documentation, configuration and operation of our security protective measures, and ensure that necessary fixes are planned and executed.
* Develop reports, dashboards and other mechanisms to report on project tracking, remediation progress, and other domains that require continuous follow-up.
* Promote an IT Security culture, and collaborate with the team in the creation of articles, FAQs, and documentation related to security awareness and training.
* Advocate for continuous improvement and automation wherever possible.
* Assist with other organization security projects and tasks as required.

Qualifications:

* 2+ years of experience in a similar role in a relevant software or internet service industry,
* Minimum Bachelor of Science degree in Computer Science, Computer Engineering, or a related technical field,
* High level of independence and proactivity. The ideal candidate will be capable of taking initiative, identifying opportunities for improvement, and driving projects forward without constant supervision.
* Strong experience in designing and implementing security guidelines and mechanisms to check adherence to such standards,
* Experience in conducting manual and/or automatic security compliance reviews,
* Good knowledge of IT Security frameworks (e.g. ISO 27001, NIST 800-53, etc.),
* Managing and prioritizing multiple tasks in accordance with high level objectives, and anticipating and addressing challenges as they arise.
* Strong foundation in information security, security engineering, network security, authentication and security protocols, access controls, etc.,
* Experience with engaging external stakeholders (e.g. clients) regarding security protection methods, and agreeing on contractual clauses,
* Educated in the creation of reports and dashboards for different technical and executive stakeholders,
* Ability to conduct research about areas unknown to him/her, and use that knowledge to deliver security guidelines and propose improvements,
* Capacity to be organized and efficient handling diverse tasks simultaneously,
* Ability to adapt and thrive in a fast-changing environment,
* Open to work in an international, multilingual environment,
* Proficient in English (oral and written).
* French language proficiency is an asset,
* Hands-on experience with Google Workspace is a plus.

Additional Information:

Our growing team in Spain is full of talented professionals from various fields who all share a desire to make sustainability real.
We offer competitive salaries and support personal growth from day one.
This includes extensive onboarding, teammates' support and a brand new e-learning platform bursting with courses and modules. So you can learn new skills and fine-tune old ones! In return for your expertise and energy, we offer:
Working organization benefits:
* Casual and very friendly work environment Hybrid work organization (from the office or from home)
* Hybrid for colleagues who live near our offices (4 days per month)
* Flexible working hours
* Home office allowance program IT equipment allowance
* Working from anywhere policy (3 months per year)
* Opportunity to work in a truly international atmosphere
Compensation benefits:
* Base salary + variable compensation plan
* Meals and Transportation Vouchers (Cobee card)
Wellness and Healthcare benefits:
* Health, Wellness, and Dental Benefits
More:
* Employee referral bonus policy
* Paid employee volunteer day Paid moving day ( 1/year)
* Access to online learning library Virtual and in-person team building events
* Co working space with various services + opportunity to work in different locations (Europe and International)
Our hiring team looks forward to reviewing your CV, in English, with a guaranteed response to every application.
A new job with purpose awaits you!
Don't fit all the criteria but still think you'd be a good candidate?
Please apply anyway to give our hiring team the opportunity to assess your skills and to learn more about what you could bring to (COMPANY NAME). We're interested in hiring capable people, regardless of professional and educational background.
Can the hiring process be adjusted to suit my needs? Yes.
We want everyone going through the hiring process with (COMPANY NAME) to feel confident that you are able to demonstrate your full potential. We welcome applications from disabled people, people with long-term health conditions, and neurodiverse candidates. If you need any adjustments, including the provision of interview questions, please let the hiring team know.
Our team's strength comes from everyone's uniqueness and is founded upon mutual respect.
(COMPANY NAME) commits to equity, inclusion and reducing bias in our hiring processes. (COMPANY NAME) does not accept any form of discrimination based on color, national or ethnic origin, ancestry, citizenship, religion, beliefs, age, sex, gender identity, sexual orientation, neurodiversity, disability, parental status, or any other protected characteristic that makes you unique. In your application, we encourage you to remove personal information such as: photographs, marital status, number of children, religion, gender, residential postal code, university graduation date, past medical or parental leave(s) taken, nationality (instead, please state if you are legally eligible to work in the job region/country), university name (instead, please state any degrees obtained and the study major)