Information Security Specialist

Information Security Analyst / SpecialistWe are looking for a detail-oriented Information Security Analyst/Specialist to join our InfoSec team. The ideal candidate will ensure compliance with industry standards, strengthen security operations, manage risks, and collaborate across teams to safeguard our systems and data.ResponsibilitiesInformation Security Governance & ComplianceManage compliance with ISO 27001:2022 and SOC 2 Type II frameworks.Support ITGC audits in collaboration with Finance.Conduct internal audits, gap assessments, and evidence collection for certification and surveillance audits.Review and update ISMS policies, procedures, and controls regularly.Support customer and prospect audits by providing responses, clarifications, and documentation.Risk & Threat ManagementPerform application, infrastructure, and vendor risk assessments.Conduct third-party/vendor security assessments and track remediation.Monitor and ensure closure of audit findings, vulnerabilities, and identified security gaps.Security Operations & MonitoringReview AWS logs, IAM, RBAC, firewall rules, and other security configurations.Conduct monthly/quarterly user access reviews across systems (SSH, RBAC, DB, SaaS).Track patch management, antivirus, and endpoint protection compliance.Manage SIEM and SAST tools for continuous monitoring.Vulnerability & Incident ManagementCoordinate periodic VAPT (Infra, Web, Mobile) with external agencies and internal teams.Support remediation, validation, and closure of vulnerabilities.Assist in incident response, root cause analysis, and corrective actions.Skills & QualificationsStrong understanding of ISO 27001:2022, SOC 2 Type II, ITGC audits, ISMS policies.2 to 5 Years of relevant experience. Experience in VAPT coordination, remediation, and vulnerability management.Knowledge of AWS security configurations, IAM, RBAC, firewall rules, and cloud security practices.Hands-on experience with SIEM, SAST (SonarQube), endpoint protection, and patch management tools.Familiarity with Disaster Recovery, BCP, and backup strategies.Analytical & Risk Management SkillsProficiency in conducting risk assessments and managing risk treatment plansExperience with vendor/third-party assessments and compliance documentation.Strong troubleshooting and root cause analysis abilities.Preferred QualificationsBachelor’s degree in Computer Science, Information Security, or related field. Industry certifications such as ISO 27001 Lead Auditor/Implementer, CISA, CISSP, CISM, CEH, or AWS Security Specialty (preferred but not mandatory).What will you experience working with our team?Career Growth – This role is designed to evolve into a brand leadership position.Full Content Lifecycle Exposure – Learn and own the entire journey from content creation to distribution.Video & Digital-First Approach – Work in a team that values video storytelling and data-driven narratives.Make an Impact – Your content will shape conversations in FMCG distribution and supply chain tech.Freedom and Fun - Bizom’s culture is unique, you’ll feel like Schrödinger’s cat, simultaneously immersed in both the thrill of challenges and the excitement of workplace fun.Why Mobisy?We are happy souls, working together and having each other’s back People, Product, and Profit is our motto.Fly beyond your imagination - we believe in giving wings to your passion.No Kinder-garden here. We fall, we learn, and we stick together like chewing gum.We jam together Whether it's a code, a pitch or a plan - collaboration is our secret sauce. We win as one.Little things add up We believe in compounding - small efforts every day lead to big, magical outcomes.We trust in our association and give free rein to our employees to act, explore, and deliver sustainable results.We celebrate success hard - and failures even harder. It’s always a collective win or a collective miss.Have buddies, mentors - but be your own boss. It goes hand in hand.Know your people. Talk, chat, learn, and share - access anyone in the family, anytime.Stay quiet. Stay foolish. We speak up, do the right thing, and always keep our clients and company in mind.We roll up our sleeves, get our hands dirty, dream big, and achieve together.What Will you get while working with Mobisy?Work is Fun - We believe work is fun - and we go the extra mile to make sure you enjoy what you do every single day.Design Your Own Role - You don’t just fit into a job - we let you shape it. Take up what excites you, and we’ll back you with trust and responsibility.Freedom to Own Your Work - Less rules, more trust. You get the freedom to figure things out your way - with the right support when needed.Take Full Ownership - It’s your ship. You steer it. You own it. You make things happen.Grow into a Leader - This isn’t just a job - it’s your launchpad to becoming a strong, independent leader.People Come First - Always. We back our people through thick and thin. That’s our culture.Stay Fit & Feel Good - We care about your health - with fitness activities, sports, and regular wellness sessions to keep you balanced.Happy Tummy, Happy You - Enjoy fresh, tasty meals every day at our very own in- house cafeteria. We take food seriously What will you not get?Punch In, Punch Out Culture – We hate login-logout rules. Du-uh, we’re not in school We care about outcomes, not clock-watching.Spoon-Feeding – No hand-holding here. You’ll get all the support you need - but you’re expected to take charge and carve your own pathToo Many Rules – We don’t overload you with rigid processes. We offer simple guidelines and a helping hand - ownership is all yours.Yes-Mam, No-Mam Culture – We respect ideas, not titles. Speak up, challenge, build - no sir/ma’am culture here.Blame Games – We own our wins and our misses - together. We don’t point fingers, we fix things If you find the above details interesting; we encourage you to apply. We are building a diverse team whose skills balance and complement one another. Mobisy Technologies is an equal opportunity employer and we value diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.