Information Security Risk & Compliance Analyst supporting the maintenance of ISO 27001 standards. Contributing to risk assessments and compliance across AAB’s Business Protection Team.
About the role
- Information Security Specialist responsible for enhancing cybersecurity posture through incident management and compliance. Collaborating with cross-functional teams to monitor threats and implement security measures.
Responsibilities
- Monitor security events and alerts using security tools
- Investigate and respond to security incidents, including analysis, containment, and remediation
- Support incident response processes and post-incident reviews
- Assist in risk assessments, vulnerability management, and remediation tracking
- Support compliance initiatives aligned with frameworks such as ISO/IEC 27001, ISO 22301, ISO 9001, NIS2, GDPR, and other relevant standards
- Contribute to the development, implementation, and maintenance of security policies, procedures and standards
- Participate in secure system design and architecture reviews
- Prepare reports, dashboards, and metrics for the CISO and senior stakeholders
- Maintain accurate documentation related to security controls, incidents, and risk assessments
- Support internal and external audits
- Collaborate with IT, engineering, and other teams to integrate security best practices
- Promote security awareness across the organization
- Stay up to date with emerging threats, vulnerabilities, and industry trends
- Support the CISO in preparing and reviewing responses to client security inquiries, due diligence assessments, and RFPs, ensuring alignment with organizational security controls and compliance frameworks.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field
- 3–5 years of experience in information security or a related role
- Hands-on experience with security tools (SIEM, EDR, vulnerability scanners)
- Good understanding of networking, operating systems, and cloud environments
- Familiarity with security & risk management frameworks (e.g., ISO/IEC 27001, ISO 31000, NIST, CIS Controls)
- Experience with incident response and threat analysis
Benefits
- Competitive salary and performance-based bonuses
- Professional development opportunities and certifications
- Flexible work schedule and semi-remote work options
- Collaborative and innovative work environment
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Risk & Compliance Analyst at AAB managing compliance with ISO 27001, supporting enterprise risk assessments and enhancing information security systems.
Information Security Risk & Compliance Analyst at AAB focusing on ISO 27001 compliance and information security management. Collaborating across teams to ensure robust risk and compliance frameworks.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Cloud Security Architect supporting federal customer projects focused on architecture and security solutions. Conducting risk assessments and defining security requirements within a cloud environment.
Senior Lead Info Security Architect leading and collaborating on cybersecurity solutions at TIAA. Responsible for secure design and implementation of cloud security strategies and practices.
Part Time Security Officer providing protection for Collector's personnel and assets at trade shows across North America while reporting to Security Shows & Transportation Manager.
Enterprise Security Architect at PBCN GmbH designing and implementing security architectures. Collaborating with teams to ensure application security and conducting risk assessments.
IT & Security Manager at Medenterprises managing technology and cybersecurity for healthcare professionals in Australia and New Zealand. Leading strategic initiatives and infrastructure to enhance security posture.
Senior Manager leading cybersecurity integration across product lines and services at ADI Global. Overseeing strategies, managing teams, and aligning with organizational goals.