IT Security & Compliance Engineer

Security & Compliance Officer

GDPR, SOC 2, and ISO 27001

administrative

IT operational

Key Responsibilities

Security & Compliance

• Implement and maintain compliance frameworks including GDPR, SOC 2, and ISO 27001.
• Conduct regular risk assessments, internal audits, and gap analyses to identify vulnerabilities.
• Prepare and maintain documentation for compliance policies, procedures, and controls.
• Fill and maintain Infosec documentation, questionnaires, and client/vendor security compliance forms.
• Coordinate with external auditors and certification bodies for compliance audits.
• Monitor and respond to security incidents, ensuring timely resolution and reporting.
• Train employees on security best practices and regulatory requirements.
  

IT Support

• Manage user accounts, access controls, and system permissions.
• Maintain IT asset inventory and ensure security configurations are up to date.
• Provide first-level troubleshooting for hardware, software, and network issues.
• Liaise with IT vendors for maintenance, procurement, and upgrades.
  

Administrative Support

• Maintain records, reports, and compliance-related documentation.
• Coordinate with internal teams for policy implementation and process improvements.
• Support office administration functions, including procurement of IT and office supplies.
• Assist in managing contracts, licenses, and vendor relationships.
  

Requirements

Education & Certifications

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
• Relevant certifications preferred: ISO 27001 Lead Implementer/Auditor, CISM, CISA, GDPR Practitioner, or equivalent.
  

Experience

• 2–5 years of experience in IT security, compliance, or related roles.
• Hands-on experience with GDPR, SOC 2, and ISO 27001 implementation.
• Experience filling Infosec documents and responding to client/vendor compliance requirements.
• Exposure to IT systems administration and troubleshooting.
• Experience in administrative coordination is an advantage.
  

Skills

• Strong understanding of information security principles and data privacy regulations.
• Excellent documentation, communication, and training skills.
• Ability to manage multiple priorities and work cross-functionally.
• Analytical mindset with problem-solving skills.