Information Security Risk Specialist

About the Role

Title: (fluent Ukrainian) Information Security Risk Specialist (remote)

Location: Madrid Community of Madrid ES

Type: Contract

Workplace: Fully remote

Job Description:

Хто ми?

SupportYourApp

Who are we?

SupportYourApp is an international Support-as-a-Service company that has been providing business process outsourcing services to other IT companies around the world (technical and user support, services to improve user experience) for 15 years. Currently, our international team consists of 1300+ specialists.

We provide services worldwide, supporting customers in 60 languages, partnering with leaders like MasterCard, Calm, and MacPaw, have international hubs, and develop innovative products like   — to make the customer experience better every day.

About the position:

We are looking for an Information Security Risk Specialist who is eager to apply their knowledge of information security, gain experience working in an international IT company, interact with a team and partners from around the world, and participate in interesting and challenging information security projects with our Security team.

Sounds interesting? More to come 💛

With us you can do:

• Supplier risk management:

  • Conducting supplier security checks;

  • Searching and collecting information from open sources (OSINT);

  • Maintaining and updating risk assessment registers.

• Communication:

  • Processing requests from other departments and clients;

  • Participation in filling out and processing client questionnaires on information security in accordance with international standards (ISO 27001, SOC 2, NIST);

  • Involvement in the initial review of customer agreements (DPA/MSA) to identify discrepancies between the company's internal processes and customer requirements.

• Ensuring that devices comply with information security requirements:

  • Monitoring, analyzing and verifying evidence (logs, screenshots) to confirm compliance of employee devices with security requirements;

  • Communication with users to resolve non-compliance with security requirements;

  • Maintaining a register of approved devices.

• Documentation and operational activities:

  • Creation and updating of internal instructions, procedures and knowledge base materials on information security.

• Increasing employee awareness of information security issues:

  • Participation in phishing simulations;

  • Assistance in preparing information security materials and letters for employees.

• Incidents:

  • Initial handling of security incidents: evidence collection, basic investigation, and coordination of communication between involved parties.

You are our ideal candidate if you have:

• Understanding the principles of information security (Confidentiality, Integrity, Availability);

• Understanding the requirements of the most common information security standards and legislation in the field of security and personal data protection;

• Analytical thinking and ability to work with documentation, data and security incidents;

• Developed soft skills: communication skills, competent communication, attention to detail and accuracy, self-organization and ability to work with deadlines.

• English level B1–B2.

Why it's great to be part of our team:

• Providing services during business hours;

• Unique art spaces in Kyiv at Vasylkivska metro station (feel the atmosphere!   ) or the possibility of collaboration in a remote format;

• Trust-based communication and no activity trackers;

• Harmony between project workload and personal time, as well as internal medical policy;

• A creative community and culture focused on people and mutual feedback;

• Attractive rewards for inviting friends;

• Competitive compensation in USD;

• Paid onboarding and access to the corporate library.

*The items listed in this section may vary depending on the terms of your contract. Certain benefits and terms generally apply to employees; independent contractors may not be eligible for all of these benefits. Specific terms, including compensation, benefits, and terms of engagement, will be clearly outlined in your contract, if signed.

You can learn more about the company and culture by visiting  and its social pages  ,  , and  .

If you are interested in information security, risk assessment, and compliance, and you are attentive to detail and organized, we would be happy to receive your resume.

Do you have the perfect candidate in mind?  a friend and get rewarded!

We adhere to the principles of equal treatment of candidates and prohibit discrimination on any grounds protected by law.  

Your personal data will be processed in accordance with the SupportYourApp Candidate Privacy  .