IT Security & Compliance Engineer
We are seeking a detail-oriented and proactive Security & Compliance Officer to oversee our data protection, IT security, and compliance initiatives. This role will ensure adherence to GDPR, SOC 2, and ISO 27001 standards, while also providing hands-on support in administrative and IT operational functions. The ideal candidate will combine regulatory knowledge with practical IT skills to maintain both compliance and smooth day-to-day operations. Key Responsibilities Security & Compliance Implement and maintain compliance frameworks including GDPR, SOC 2, and ISO 27001. Conduct regular risk assessments, internal audits, and gap analyses to identify vulnerabilities. Prepare and maintain documentation for compliance policies, procedures, and controls. Fill and maintain Infosec documentation, questionnaires, and client/vendor security compliance forms. Coordinate with external auditors and certification bodies for compliance audits. Monitor and respond to security incidents, ensuring timely resolution and reporting. Train employees on security best practices and regulatory requirements. IT Support Manage user accounts, access controls, and system permissions. Maintain IT asset inventory and ensure security configurations are up to date. Provide first-level troubleshooting for hardware, software, and network issues. Liaise with IT vendors for maintenance, procurement, and upgrades. Administrative Support Maintain records, reports, and compliance-related documentation. Coordinate with internal teams for policy implementation and process improvements. Support office administration functions, including procurement of IT and office supplies. Assist in managing contracts, licenses, and vendor relationships. Requirements Education & Certifications Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field. Relevant certifications preferred: ISO 27001 Lead Implementer/Auditor, CISM, CISA, GDPR Practitioner, or equivalent. Experience 2–5 years of experience in IT security, compliance, or related roles. Hands-on experience with GDPR, SOC 2, and ISO 27001 implementation. Experience filling Infosec documents and responding to client/vendor compliance requirements. Exposure to IT systems administration and troubleshooting. Experience in administrative coordination is an advantage. Skills Strong understanding of information security principles and data privacy regulations. Excellent documentation, communication, and training skills. Ability to manage multiple priorities and work cross-functionally. Analytical mindset with problem-solving skills.
