Information Security Specialist

Remote | $151k–$170k | middle | 2 months ago | full-time | quality 8.6/10
Tags: information security, cybersecurity, AI governance, vulnerability management, compliance, incident response, security tooling, vendor risk assessment, cloud security, communication

What you’ll do

  • AI Governance & Enablement — Develop and maintain a practical framework for evaluating, approving, and securely deploying AI tools across the organization.
  • Vulnerability Management — Own our vulnerability management program — scanning, triaging, coordinating remediation, and tracking resolution across infrastructure, applications, and endpoints.
  • Compliance — Support and improve our compliance posture (SOC 2, ISO 27001), including evidence collection, control monitoring, and audit support.
  • Incident Response — Lead security incident response — investigate alerts, coordinate containment, document root causes, and drive improvements.
  • Security Tooling — Manage and tune security tooling (EDR, SIEM/logging, DLP, email security, identity and access management controls).
  • Vendor & Third-Party Risk — Conduct security reviews of third-party vendors, SaaS integrations, and AI services — evaluating data handling, model training policies, and privacy commitments.
  • Policy & Standards — Develop and maintain security policies, standards, and runbooks that are practical and right-sized for our environment.
  • Application Security Partnership — Partner with Platform Security and Engineering on application security topics.
  • Security Awareness — Drive security awareness initiatives — phishing simulations, training programs, AI literacy education, and ongoing guidance for the team.
  • Threat Intelligence — Monitor and assess emerging threats (including AI-driven attack vectors).

Who you are

  • 4+ years of experience in information security, cybersecurity, or a related technical discipline.
  • A pragmatic, enabling mindset toward AI.
  • Hands-on experience with compliance frameworks (SOC 2, ISO 27001).
  • Strong knowledge of cloud security fundamentals (AWS, GCP, or similar).
  • Experience with security tooling — EDR, SIEM, vulnerability scanners, DLP, and email security platforms.
  • Solid understanding of incident response processes.
  • Familiarity with SaaS environments and remote-first operations.
  • Strong written communication skills.
  • Self-starter mentality.
  • Experience evaluating AI/ML tools for data privacy and security risks is a strong plus.
  • Experience in vendor risk assessment and third-party security reviews.
  • Security certifications (CISSP, CISM, CompTIA Security+, or similar) are a plus but not required.

What you'll get

  • Compensation & Benefits: Starting salary for this role is $151,000 to $170,000 depending on experience.
  • Our inclusive benefits package supports your well-being and growth, including 100% coverage of medical, dental, vision, mental health, and supplemental insurance premiums for you and your family.
  • 16 weeks paid parental leave.
  • Unlimited PTO.
  • Stipends for remote work and wellness.
  • Professional development budget.

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to peoplefirstjobs.com.