Information Security Specialist
Remote
$151k–$170k
middle
2 months ago
full-time
What you’ll do
- AI Governance & Enablement — Develop and maintain a practical framework for evaluating, approving, and securely deploying AI tools across the organization.
- Vulnerability Management — Own our vulnerability management program: scanning, triaging, coordinating remediation, and tracking resolution across infrastructure, applications, and endpoints.
- Compliance — Support and improve our compliance posture (SOC 2, ISO 27001), including evidence collection, control monitoring, and audit support.
- Incident Response — Lead security incident response: investigate alerts, coordinate containment, document root causes, and drive improvements.
- Security Tooling — Manage and tune security tooling (EDR, SIEM/logging, DLP, email security, identity and access management controls).
- Vendor & Third-Party Risk — Conduct security reviews of third-party vendors, SaaS integrations, and AI services — evaluating data handling, model training policies, and privacy commitments.
- Policy & Standards — Develop and maintain security policies, standards, and runbooks that are practical and right-sized for our environment.
- Application Security Partnership — Partner with Platform Security and Engineering on application security topics.
- Security Awareness — Drive security awareness initiatives: phishing simulations, training programs, AI literacy education, and ongoing guidance for the team.
- Threat Intelligence — Monitor and assess emerging threats (including AI-driven attack vectors).
Who you are
- 4+ years of experience in information security, cybersecurity, or a related technical discipline.
- A pragmatic, enabling mindset toward AI.
- Hands-on experience with compliance frameworks (SOC 2, ISO 27001).
- Strong knowledge of cloud security fundamentals (AWS, GCP, or similar).
- Experience with security tooling — EDR, SIEM, vulnerability scanners, DLP, and email security platforms.
- Solid understanding of incident response processes.
- Familiarity with SaaS environments and remote-first operations.
- Strong written communication skills.
- Self-starter mentality.
- Experience evaluating AI/ML tools for data privacy and security risks is a strong plus.
- Experience in vendor risk assessment and third-party security reviews.
- Security certifications (CISSP, CISM, CompTIA Security+, or similar) are a plus but not required.
What you'll get
- Compensation & Benefits: Starting salary for this role is $151,000 to $170,000 depending on experience.
- An inclusive benefits package that supports your well-being and growth, including 100% coverage of medical, dental, vision, mental health, and supplemental insurance premiums for you and your family.
- 16 weeks paid parental leave.
- Unlimited PTO.
- Stipends for remote work and wellness.
- Professional development budget.