Information Security Analyst

  • Engineering
  • Lahore, Pakistan

Information Security Analyst

Job description

Communication is our business!

unifonic provides solutions for better customer engagement through a cloud-based platform. We empower businesses to engage with their people through a variety of channels, making their communication conversational, more personalized, fun, meaningful, and with ease.


Engineering principle: We ship robust, high-quality code, written for humans to read and maintain!


Information Security Analyst

The Information Security Analyst is part of the Digital Enablement team and the goal is to provide subject matter expertise in relation to IT and Information Security controls and assurance, Cyber Security threat and vulnerability management and response, and supplier security due diligence and assurance. The Information Security Analyst is leading initiatives and providing guidance in order to effectively develop and improve security controls and services, assure secure business change, and protect the organization against internal and external cyber security threats. The responsibilities of the Information Security Analyst include but are not limited to:

  • Understand how security is crucial for operations across the organization and advises on best practices.

  • Maintain security controls and policies within unifonic

  • Work with stakeholders across the organization to make sure compliance needs are met and also implement the information security roadmap.

  • Maintenance of ISMS and all related systems.

  • Perform security reviews and gap analysis.

  • Maintain risk registers and assist in treating security risks.

  • Maintain up-to-date knowledge of ISO standards, security threats, countermeasures, industry good practices, and assistive technologies.

  • Assist in replying to unifonic’s customers’ security due diligence and RFI.

  • Work with the Legal team when there’s the need to respond to security incidents.

  • Work with the Compliance team when needed to provide input on everything related to Information security.

  • Understand how data should be managed so that an organization can be compliant with security standards.

  • Proactively investigate, test, and deploy new technologies within an ever-changing environment.

Requirements

  • Hands-on 5+ years of experience working with Internal Security Systems.
  • Knowledge of ISO 27001, 27017, 27018 (preferable certified practitioner).

  • Knowledge of SOC2 (has gone through at least one audit process).

  • Understanding of IT (systems, cloud, etc).

  • An inquisitive, analytical mind.

  • Great organizational skills.

  • Ability to work on projects concurrently and under tight deadlines.

  • Self-motivated with a determination to provide solutions.

  • Excellent communication skills with an ability to describe technical and security issues/solutions to technically and non-technically minded people.

  • Ability to follow procedures as well as suggest improvement ideas.