Job
Description
Position Summary: The Cybersecurity Risk Assessment Engineer will support the development, implementation, and maintenance of information security compliance programs such as ISO 27001, SOC1, SOC2, NIST, and others. This role involves assisting in identifying and assessing security risks, supporting the development and implementation of security policies and controls, conducting compliance assessments, and helping prepare for internal and external audits. The engineer will collaborate with internal teams and occasionally with customers to help implement security certification and attestation standards. Key Responsibilities: Assist in the development, implementation, and maintenance of certification/attestation standards (e.g., SOC1, SOC2, ISO 27001) for Mindsprint and customers as needed. Support the review and update of existing information security policies and procedures. Help create and implement new security and compliance policies and procedures under guidance. Participate in information security risk assessment activities, including identifying vulnerabilities and helping evaluate risks. Collaborate with other departments to integrate security standards and compliance requirements into business processes. Conduct compliance assessments to verify adherence to security policies and controls. Assist in preparing documentation and evidence for internal and external audits related to ISO 27001, SOC1, SOC2, etc. Work with customers under supervision to support the implementation and maintenance of various security frameworks. Profile Requirements: Solid understanding of security standards, frameworks, and certifications such as ISO 27001, SOC1, SOC2, and NIST. Familiarity with IT and information security risk assessment methodologies and frameworks. Some experience or exposure to project coordination or management in compliance or security projects. Knowledge of audit preparation processes and requirements for SOC1, SOC2, ISO 27001 is a plus. Awareness of recent updates and changes in relevant security standards and regulations. Ability to assist in developing security standards and guidelines aligned with industry best practices. Basic familiarity with common technology stacks and IT environments. Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Strong communication skills and ability to work collaboratively within teams. Eagerness to learn and adapt to new technologies and evolving security landscapes. Good attention to detail, organizational skills, and analytical thinking. Show more Show less
