InfoSec Analyst
Indexed description
# InfoSec Analyst - AltoVita
**Location:** London, United Kingdom **Department:** Engineering
## About the Company
AltoVita is a female-founded scale-up with approximately 100 employees across 26 countries, speaking 29 languages collectively. The company is a multi-award winning accommodation platform that enables enterprises to consolidate accommodation programmes through proprietary technology and a human-centric approach. AltoVita recently closed Series A financing and will be entering Series B rounds. The company operates a network of 10 million+ verified properties across 35,000+ cities in 165 countries worldwide.
## Key Responsibilities
**Security and Privacy Operations** - Support day-to-day operation of AltoVita's information security and privacy activities - Maintain security, privacy and compliance documentation - Track security and privacy actions, control improvements and remediation activities - Maintain registers including risks, issues, actions, policies, vendors, assets, data processing activities and control evidence - Coordinate updates between internal teams to ensure progress on agreed actions - Prepare security and privacy reports, summaries and updates for internal stakeholders - Ensure security and privacy activities are documented, repeatable and easy to evidence - Escalate risks, issues or delays to the CISO or relevant business owner
**Compliance and Audit Support** - Support internal and external compliance activities including ISO 27001, SOC 2, GDPR and client assurance requirements - Gather evidence for audits, assessments and control reviews - Maintain audit trackers, evidence folders and compliance records - Coordinate with internal teams to obtain required documentation and control evidence - Support follow-up actions from audits, assessments or client reviews - Assist with maintenance of policies, procedures and standards - Ensure compliance activities are well organised and delivered within agreed timelines - Support CISO and control owners with audit preparation and remediation tracking
**Policy and Documentation Support** - Maintain clear, practical and accessible security and privacy documentation - Review and update information security and privacy policies - Assist with creation of standards, procedures, guidance notes and user-facing materials - Ensure documents are version controlled, approved and communicated appropriately - Maintain policy review schedules and track required updates - Draft practical guidance for employees on security and privacy topics - Support communication of policy changes across the business - Ensure documentation is accurate, consistent and aligned to business processes
**Security Awareness and Culture** - Carry out security and privacy training administration and ensure 100% completion rates across the business - Support development of awareness content, reminders, newsletters, FAQs and guidance - Coordinate phishing simulations and follow-up communications - Track training completion and awareness participation - Support campaigns that promote secure behaviours and good privacy practices - Make security and privacy feel practical, accessible and enabling - Escalate recurring behavioural or process issues to the CISO or relevant business owner
**Privacy Support** - Assist with maintenance of privacy records, including data processing registers and related documentation - Track privacy actions, assessments and improvement activities - Gather information for privacy reviews, data mapping or data protection impact assessments - Provide practical privacy guidance to internal teams, escalating complex matters where needed - Assist with record keeping for data subject requests, incidents or privacy enquiries - Ensure privacy documentation remains organised, accurate and accessible
**Client Assurance and Security Questionnaires** - Support completion of client security and privacy questionnaires, RFP responses and due diligence requests - Prepare responses to client security and privacy questions - Maintain library of approved answers, evidence and supporting materials - Coordinate with internal subject matter experts to obtain accurate information - Ensure responses are consistent with AltoVita's current controls, policies and practices - Translate technical or compliance information into clear, client-friendly language - Track open client assurance requests and support timely completion - Escalate complex, high-risk or contractual questions to the CISO, Legal or relevant business owner
**Supplier and Third-Party Support** - Assist with supplier due diligence questionnaires and evidence collection - Maintain supplier records, risk ratings and review schedules - Track supplier security or privacy actions - Support periodic reviews of key suppliers - Ensure supplier documentation is complete and up to date - Escalate potential supplier risks or concerns to the appropriate owner
**Incident and Risk Support** - Support security, privacy
Apply directly on RemoteJobs.org: https://remotejobs.org/remote-jobs/infosec-analyst-altovita
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search