Information Security Compliance Specialist

The Information Security Compliance Specialist ensures that Binalyze’s Information Security Management System (ISMS) and Business Continuity Management System (BCMS), including its systems, processes, and procedures comply with internal policies and external regulatory requirements. The role must maintain a strong knowledge of industry standards and best practices related to information security, compliance, and risk management. The role collaborates with various teams, including engineering, finance, sales, marketing, and people to ensure that information security practices are aligned with company goals and integrated into business operations. The specialist coordinates with external auditors to assess compliance with applicable regulations and provide subject matter expertise to the other teams for projecting Binalyze’s information security practices to external parties and partners.

What you’ll do:

• Develop and maintain information security policies, procedures, and guidelines in accordance with industry standards and regulatory requirements.
• Supervise (monitor, assess and communicate) Binalyze’s information security risks management system.
• Collaborate with the information security team to implement and maintain effective security controls, including secure coding, threat hunting, incident response, system monitoring, and business continuity, and participate in incident response activities.
• Conduct security assessments and audits to ensure compliance with applicable regulations, such as ISO 27001, ISO 22301, ISO 27701, SOC II, and GDPR.
• Serve as a liaison with external auditors and regulators to provide evidence of compliance and facilitate audits and assessments.
• Develop, implement, and maintain a comprehensive risk management framework to identify, assess, and mitigate information security and business continuity risks, ensuring that risks are communicated effectively across the organization and addressed in a timely manner.
• Develop and deliver information security training and awareness programs to educate employees on information security policies and procedures.
• Stay up-to-date on the latest information security trends, technologies, and best practices, as well as relevant regulations and laws, and provide recommendations for improving the organization’s security and compliance posture.
• Manage and supervise Binalyze’s GRC tool and ISMS/BCMS documentation.
• Ensure alignment between information security controls and business continuity measures, ensuring that both disciplines work together to protect critical assets and ensure operational resilience.

What we’re looking for:

• Experience: Experience in IT security and compliance, including experience with regulatory compliance frameworks such as ISO 27001, ISO 27701, ISO 22301, SOC2, GDPR, and NIST 800-53. Strong knowledge of information security and business continuity principles, practices, and technologies, including network security, access controls, cryptography, and security operations. Strong understanding of ISMS/BCMS documentation. Experience with security assessments, business continuity tests, audits, and compliance reporting. Related professional certifications such as CISA, ISO/IEC 27001 Lead Auditor, ISO 22301 Lead Implementer, GSEC, and CompTIA Security are preferred.
• Technical Skills: Deep understanding of information security and business continuity controls, compliance requirements, and regulatory frameworks. Proficiency in managing GRC tools such as Drata and maintaining ISMS/BCMS documentation. Experienced in conducting, responding to, and remediating audits and assessments for security and business continuity.
• Communication & Collaboration: Exceptional (English) written and verbal communication skills, with the ability to craft clear, persuasive, and comprehensive audit responses, reports, and policies. Adept at translating complex technical concepts into accessible language for non-technical stakeholders, ensuring alignment and understanding across teams. Skilled in writing formal security documentation, policies, and executive-level reports that effectively communicate risk, compliance status, and security recommendations. Strong ability to present security findings, risks, and mitigation strategies in a compelling and structured manner. Works closely with all teams to ensure alignment between security controls and continuity measures.
• Analytical and Problem-solving skills: Ability to use metrics, risk assessments, and compliance data to inform security and business continuity strategies.
• Project management: Experience leading projects to enhance both security frameworks and business continuity strategies.
• Initiative: Proactive in identifying risks related to both information security and business continuity.
• Adaptability & Resilience: Able to maintain focus and effectiveness under pressure during security incidents or business disruptions. Able to respond to both security incidents and business continuity challenges in real-time.
• Growth Mindset: Committed to continuous learning and improvement.
• Remote Working: Demonstrates strong self-management skills for effective remote collaboration.

What we offer: 28 days holiday allowance + wellbeing days + birthday off! Private medical insurance for you and your family. A supportive and collaborative team that’s as passionate as you are. Home office setup support. Great opportunities for growth and development. Entertainment allowance - Netflix / Spotify. Healthy living allowance - Gym membership.

Join Us: If you’re ready to take the lead as the driving force redefining the DFIR industry, we want to hear from you.

Diversity and Inclusion: We are committed to diversity and inclusion, and we encourage candidates from all backgrounds to apply.