Information Security Officer

Information Security Officer – Support Level 2 / Level 3OverviewWe are seeking highly skilled Information Security Officers (L2 / L3) to support global IT securityoperations, compliance, and risk management initiatives across enterprise environments. Theseprofessionals will play a key role in protecting the organization's digital assets, driving risk assessments,and ensuring compliance with international security standards and regulations. The role involvescollaboration with regional and global teams, proactive vulnerability management, and leadership insecurity operations.The ideal candidate is analytical, proactive, and highly autonomous, with strong technical expertise in ITsecurity and the ability to align security initiatives with business goals.Support Level 2 (6–8 years of relevant experience)Role SummaryLevel 2 Security Officers act as subject matter experts responsible for executing operational securityprocesses, supporting audits, performing risk assessments, and ensuring compliance. They collaborateclosely with business and technical teams, providing recommendations and support for global securityinitiatives.Responsibilities• Conduct risk assessments on new projects, assets, and tools.• Maintain and manage the Risk Register, including tracking of risk acceptance, expiry, andrenewals.• Collaborate with regional and global Security MSPs and peers to address emerging threats.• Support compliance management and audits by collecting evidence, maintaining documentation,and tracking corrective actions.• Execute security reviews and approvals for projects, change requests, and system deployments.• Participate in CAB/E-CAB meetings to represent security requirements when needed.• Support security operations activities such as Patch Management, Backup & Restore, DR &BCP, and Malware follow-up.• Lead efforts to improve patch management visibility, process standardization, and vulnerabilityremediation.• Contribute to network security operations, including baseline configurations for firewalls,proxies, IDS/IPS, and WAF.• Support threat detection and vulnerability management processes with external and internalteams.• Assist in incident response and forensic investigations for security events.• Maintain and update Knowledge Base articles and participate in continuous improvement efforts.Required Skills & Experience• 6–8 years of experience in IT Security, Risk, or Compliance roles.• Proven experience supporting security assessments, audits, and operational risk management.• Knowledge of security standards such as ISO 27001/2, NIST, GDPR, and HIPAA.• Broad technical knowledge of IT infrastructure, cloud environments, and network security.• Hands-on experience with vulnerability management and incident response.• Familiarity with firewalls, proxies, IDS/IPS, and endpoint protection.• Strong problem-solving and documentation skills.• Excellent communication and collaboration in multicultural environments.• English proficiency level B2 or higher.• Security certifications such as CompTIA Security+, ISO 27001, or CISM are a plus.Support Level 3 (>8 years of relevant experience)Role SummaryLevel 3 Security Officers are autonomous experts who lead major risk assessments, incidentinvestigations, and security operations across multiple regions. They own root cause analysis for criticalsecurity events, define strategies for continuous improvement, and align with global leadership to ensureenterprise-wide security compliance and resilience.Responsibilities• Lead root cause analysis (RCA) and post-incident reviews for major security incidents.• Define and maintain the global risk management framework, ensuring alignment with corporatepolicies.• Drive vulnerability management and coordinate with third-party consultants for threat huntingactivities.• Manage security incident response and ensure effective forensic data collection and analysis.• Oversee network security architecture, including firewall configurations, IDS/IPS tuning, andproxy policies.• Implement data protection controls, DRP, and BCP strategies across cloud and on-premisesenvironments.• Ensure compliance and audit readiness, including evidence management and remediationtracking.• Develop and implement automation and monitoring processes for proactive detection andprevention.• Represent the security function in strategic discussions, CAB/E-CAB, and new projectevaluations.• Collaborate with senior stakeholders to define security roadmaps, policies, and risk mitigationplans.• Contribute to knowledge management and lead continuous improvement initiatives acrossregions.• Mentor junior team members, providing technical and procedural guidance.Required Skills & Experience• 8+ years in Information Security, Risk, or Compliance at enterprise level.• Advanced understanding of cybersecurity operations, threat management, and incidentresponse.• Proven leadership in global risk management and security governance frameworks.• Strong experience with security audits, compliance programs, and policy implementation (ISO27000, NIST, GDPR).• Deep technical expertise in cloud and network security, including vulnerability management andpenetration testing.• Experience coordinating with vendors and OEMs for specialized technical support.• Strong leadership, communication, and stakeholder management skills.• English proficiency level B2–C1.• Relevant certifications: CISM, CISSP, CRISC, CISA, CEH, or ISO 27001 Lead Implementer.