Information Security Specialist

  • Full-time

Company Description

SmartRecruiters is a values-driven, global-minded, and well-funded tech employer on a mission to connect people to jobs at scale. As a global leader in enterprise recruitment software, SmartRecruiters offers a cloud-based global Hiring Success platform that allows teams to attract, select, and hire the best talent. 4,000 companies worldwide rely on SmartRecruiters to achieve hiring success—including brands like Bosch, LinkedIn, Skechers, and Visa—using recruitment marketing, CRM, AI, ATS, and a marketplace of 600+ connected vendors all within one scalable platform.

SmartRecruiters was recognized by Forbes as one of the Best Employers in 2020. We are proud to offer a collaborative, diverse, and remote-friendly work environment, as well as competitive salaries and generous equity. We believe in promotion from within, so high performance can lead to upward mobility. Needless to say, we make sure you’re taken care of. Our inclusive office environment welcomes and respects all.

Job Description

SmartRecruiters needs to ensure that all of its applications and systems are compliant with ISO 27001/2, GDPR, and SOC-2 regulations. It needs resources to facilitate the auditing of controls in place for compliance with those regulations, ensure that the technical teams have the evidence to prove their controls are in place, and, where controls are not in place, work with the stakeholders and the technical teams to get them in place.

Responsibilities: 

  • Oversee a varied and complex regulatory compliance program covering multiple domains and disciplines
  • Manage stakeholder expectations and partner with stakeholders to ensure management of IT risks and compliance
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, reports
  • Effectively implement and maintain the SOC-2 framework
  • Effectively manage ISO 27001 audits and coordinate with stakeholders on improvements of the ISMS
  • Maintain, manage and monitor regional and local compliance with the ISMS frameworks such as Risk Management, Asset and Access Management, GDPR, and SOC-2 regulatory/legal and other obligations/requirements
  • Appropriately analyze security findings and participate in remediation of issues with control owner/assurance partners
  • Provide support to control owners in using evidence repositories
  • Provide support of policy/standards exceptions, report status to regional and local management, and advise on corrective actions
  • Prepare presentations for stakeholders and senior leadership
  • Understand risks and risk assessments

Qualifications

  • Compliance or auditing experience for one regulation – ISO 27001, GDPR and SOC-2 
  • Detailed knowledge of controls auditing principles with a focus on SOC-2
  • Knowledge of controls manifestation in small global corporations with regional and local presence is required
  • Good understanding of coordination and facilitation roles
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues is required
  • A good understanding of technology is required
  • Experience in working across business units and geographical boundaries to engage engineering, business, and team members is required

Additional Information

SmartRecruiters is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
