Information Security Specialist

Time zone: CET

Location: EMEA

We are looking for an Information Security Specialist (SecOps) to support and improve our internal security operations and compliance readiness across endpoint protection, SaaS security, access management, vulnerability management, phishing response, security awareness, vendor security tracking, and incident support.

This is a hands-on operational role focused on monitoring security controls, triaging alerts, coordinating with IT Ops teams, maintaining security processes and metrics, and contributing to SOC 2 readiness.

Responsibilities:

• Monitor MDM and EDR coverage, device inventory, policy compliance, identify gaps, and coordinate with IT Ops teams.
• Triage EDR alerts, perform initial assessment, isolate devices when needed, and escalate incidents appropriately.
• Monitor inactive and privileged accounts across Google Workspace and key SaaS platforms.
• Track MFA coverage, maintain security metrics, and escalate deviations.
• Support endpoint patching processes and coordinate with IT Ops and DevOps teams on critical vulnerabilities and CVEs.
• Monitor baseline security alerts in Google Workspace and EDR platforms, assist with event triage, escalation, and log maintenance.
• Review phishing reports, isolate suspicious emails, notify users when needed, and support blocking policies in Google Workspace.
• Administer security awareness programs and phishing simulations in KnowBe4, including tracking department-level metrics.
• Maintain vendor security registers and support onboarding reviews for new tools and vendors
• Support incident response activities, escalation tracking, timeline management, and incident documentation.
• Participate in SOC 2 certification preparation and compliance-related activities.
• Help prepare responses to security questionnaires from current and prospective clients.

Requirements

• 2–4 years of experience in Information Security or a related field (IT, DevOps with a security focus).
• Hands-on experience with SaaS platforms from a security or administration perspective.
• Understanding of access management, vulnerability management, endpoint protection, and event monitoring.

• Experience with MDM solutions.

• Experience with EDR solutions.

• Ability to work independently and take ownership of tasks without clearly defined processes.
• Ability to help build and improve processes from scratch with support from the team.
• Experience coordinating with cross-functional teams.

• English level: B2 or higher.

Nice to have:

• Google Workspace administration experience.
• Experience with KnowBe4 or similar security awareness platforms.
• Participation in SOC 2 or ISO 27001 certification processes.
• Familiarity with CIS Controls or NIST CSF.
• Experience with automation, scripting, APIs, or no-code/low-code tools.

Originally posted on Himalayas