Information Security Analyst

17 hours, 27 minutes ago
Freelance
Mid Level
Cybersecurity
Didomi

Didomi

Didomi offers innovative solutions for organizations to collect, respect, and leverage user choices in compliance with data privacy regulations, driving higher customer engagement and increasing consumer trust.

IT Services
51-250
Founded 2017
$46M raised

Description

  • Maintain and improve the ISO 27001 management system so controls remain effective, documented, and continuously evidenced.
  • Support internal audits, surveillance audits, and recertification cycles, including the unified audit covering Didomi and acquired business units.
  • Track corrective actions, nonconformities, and continuous improvement initiatives through to closure.
  • Run recurring security calendar activities, including vulnerability scanning campaigns, quarterly access reviews, risk assessments, business continuity tests, and policy review cycles.
  • Triage vulnerability findings from AWS GuardDuty, Inspector, and other sources and help define remediation priorities.
  • Perform periodic access reviews across critical systems such as Google Workspace, AWS, Slack, JAMF, GitLab, GitHub, and internal applications.
  • Review new tools, vendors, and SaaS applications for security and compliance risks before adoption.
  • Help assess and harden internal workflows with a focus on identity and access management, MFA, SSO, and data handling.
  • Support security questionnaires, RFPs, and customer due diligence requests.
  • Support broader initiatives such as AI governance, SaaS governance, and integrating acquired entities into the ISO scope.

Requirements

  • 3+ years of experience in a GRC, compliance, or information security analyst role, ideally in a SaaS or technology company.
  • Solid working knowledge of ISO 27001, including Annex A controls and the audit process.
  • Hands-on experience with vulnerability management tools and access governance processes.
  • Hands-on experience with Vanta, including running ISO 27001 or comparable audits end-to-end on the platform.
  • Hands-on experience with AWS security tools, especially GuardDuty and Inspector, including triaging findings and proposing remediation priorities.
  • Demonstrated use of AI tooling to accelerate recurring compliance and documentation work, with concrete examples of what you have built or automated.
  • Strong bias toward removing unnecessary process and proposing lighter alternatives.
  • Strong written communication in English, with the ability to explain security topics clearly to engineers, executives, and customers.
  • Pragmatic mindset focused on controls that work in practice rather than only on paper.
  • Experience supporting HIPAA or HITRUST programs and mapping requirements across frameworks, preferred.
  • Familiarity with cloud environments, especially AWS, and common SaaS administration tools such as Google Workspace, Slack, and identity providers, preferred.
  • Exposure to security questionnaire platforms and trust center tooling, preferred.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

SOC Analyst L1

CallTek 51-250 Internet Software & Services

SOC Analyst L1 at a cybersecurity operations team responsible for monitoring, triaging, documenting, and escalating security alerts from multiple defensive systems.

CrowdStrike Cybersecurity DNS IDS Linux Lucene Network Security SIEM Splunk TCP/IP
16 hours, 57 minutes ago

Open Source Investigators - Contractor - UK

Centre for Information Resilience 11-50 Diversified Consumer Services

Centre for Information Resilience is hiring two OSINT Investigators to support a team investigating malign influence through open-source research, digital analysis, and reporting work focused on documenting harmful networks and activity.

17 hours, 12 minutes ago

FBS Information Security Analyst

Capgemini 100K+ Internet Software & Services

Farmers Business Services, through Capgemini as Employer of Record, is hiring an Information Security Analyst to manage mainframe access security and help protect systems and data from unauthorized access and incidents.

DB2
2 days, 17 hours ago

Government Security Personnel Analyst

Accenture 100K+ Professional Services

Accenture Federal Services is hiring a Government Security Personnel Analyst to support personnel security operations for U.S. federal government programs, managing clearance and access processing, records, and related casework.

3 days, 16 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers