Listing Description

Globalization Partners’ automated, AI-enabled global employment platform, designed by our technical teams and powered by our worldwide HR experts, enables our customers to hire, onboard, and manage the best talent they can find, anywhere in the world.    

With diverse teams all around the world, our people are the heartbeat of the company and the reason why Globalization Partners is a fun and inclusive place to work. We encourage and support personal growth and career development, trust our team members with the autonomy to do their best work, and believe in recognition for a job well done.    

Our ideal candidate has a passion for automation, is a deep innovator, and wants to solve complex problems. Your knowledge and experience will be crucial to design and develop high performing cloud-based software products using traditional Agile methodologies and modern frameworks.  

Did we mention you can experience all of this while working remotely? As a remote-first employer, we value your experience and skills more than where you are located. Join our collaborative work environment where you can make a real impact and love the work you’re doing! 

About the position:

As Information Security Analyst, you will support the implementation of the company security strategy, compliance and risk management plan. You will deal with a large spectrum of sensitive and highly regulated data, ensuring compliance toward regulations, internal policies, customer requirements and administer existing and new security tools according to best practices and compliance guidelines.

What you will do:

• Develop, and maintain information security policies and procedures and ensure that the security strategies are being followed, so as to meet the organizational security goals and standards


• Apply industry best practices to ensure confidentiality, integrity, and availability of Globalization Partners' (GP) corporate data.


• Work with senior management to define and implement detailed security policies encompassing the entire data lifecycle, including backup, retention, destruction, and sharing policies of any and all corporate data, email, and employee/contractor/partner work product owned, controlled or processed by GP


• Collaborates with stakeholders to create, implement, and maintain policies and procedures which comprise the organization's Data Governance Program


• Works with the Privacy team to develop the approach for documenting and responding to data incidents and directly support the team responding to these incidents


• Responds to security inquiries from customers and third parties


• Develops and implements methodologies to assess the security controls of the company's vendors and partners


• Works with executive management to determine acceptable levels of risk for the organization


• Creates a "security culture" throughout the organization through training, communications, and awareness building

What we're looking for:

• Advanced security monitoring setup and configuration


• Understanding of software development security analysis and identifying security vulnerabilities


• Understanding of information technology security from a cloud and endpoint perspective


• Strong understanding of security as it relates to DevOps (specifically in CI/CD)


• Experience in SaaS, multi-tenant customer solutions


• Experience working with cross functional teams with a singular security focus


• Understanding of security best practices across multiple industries


• Stakeholder Management


• Understanding of GDPR, HIPAA, SOX or any other security framework


• Excellent verbal and written communication skills

Qualifications:

• Bachelor's Degree in Information Technology, Computer Science, Business, or Engineering required, or equivalent experience or relevant certification


• 5+ experience managing information security initiatives company wide


• Familiarity with global privacy and security laws, including but not limited to GDPR, CCPA, the Singapore Personal Data Protection Act (PDPA), and others


• Experience with information security management frameworks, such as ISO 27001 and SOC 2


• Experience with security monitoring/auditing tools


• Experience managing security vendors


• Experience with cloud computing; AWS preferred


• Experience with computer network penetration testing and techniques


• Understanding of firewalls, proxies, SIEM, EDR, and IDPS concepts


• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.


• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact


• CISSP and/or CISM certification desired