MCPNew: now works with Claude & AI assistants
Didomi

Didomi

Information Security Analyst

Company

Didomi

Role

Information Security Analyst

Location

Remote

Job type

Freelance

Found on Mokaru

20 hours ago

Share this job

Salary

€48k - €60k

Job description

ISO 27001 program and audit readiness

  • Help maintain and improve our ISO 27001 management system, ensuring controls remain effective, documented, and continuously evidenced.
  • Contribute to internal audits, surveillance audits, and recertification cycles, including the upcoming unified audit covering Didomi and recently acquired business units.
  • Track corrective actions, nonconformities, and continuous improvement initiatives, supporting the security team in driving them to closure.

Security operations and recurring activities

  • Carry out recurring activities on the security calendar in support of the security team, including vulnerability scanning campaigns, quarterly access reviews, risk assessments, business continuity tests, and policy review cycles.
  • Triage vulnerability findings from AWS GuardDuty, Inspector, and other sources, then work with the Security Manager to define remediation priorities and follow them through to closure.
  • Run periodic access reviews across critical systems (Google Workspace, AWS, Slack, JAMF, GitLab, GitHub, and internal applications), surfacing findings to the Security Manager and helping ensure they are remediated.

Cross-functional security support

  • Contribute to the security team's reviews of new tools, vendors, and SaaS applications for security and compliance risks before adoption.
  • Help the security team assess and harden internal workflows, with a particular focus on identity, access management, MFA, SSO, and data handling.
  • Support the security team on security questionnaires, RFPs, and customer due diligence requests.
  • Support the security team on broader initiatives such as AI governance, SaaS governance, and integration of acquired entities into the ISO scope.

Preferred skills & experience

  • 3+ years of experience in a GRC, compliance, or information security analyst role, ideally within a SaaS or technology company.
  • Solid working knowledge of ISO 27001, including Annex A controls, the audit process, and how to operationalize the standard rather than treat it as paperwork.
  • Hands-on experience with vulnerability management tools and access governance processes.
  • Hands-on experience with Vanta, including running ISO 27001 (or comparable) audits end-to-end on the platform.
  • Hands-on experience with the AWS security suite, in particular GuardDuty and Inspector, including triaging findings and proposing remediation priorities.
  • Demonstrated use of AI tooling to accelerate recurring compliance and documentation work. You should be able to walk us through concrete examples of what you have built or automated.
  • A strong bias toward removing process. You actively challenge controls, paperwork, and workflows that no longer earn their keep, and you propose lighter alternatives.
  • Strong written communication in English. You can explain security topics clearly to engineers, executives, and customers alike.
  • A pragmatic mindset: you favor controls that work in practice over controls that only look good on paper.

Nice to have

  • Experience supporting HIPAA or HITRUST programs, and comfort mapping requirements across frameworks.
  • Familiarity with cloud environments (AWS in particular) and with common SaaS administration (Google Workspace, Slack, identity providers).
  • Exposure to security questionnaire platforms and trust center tooling.

Tools you’ll work with on a regular basis

  • Compliance and GRC: Vanta
  • Cloud and security monitoring: AWS, AWS GuardDuty, AWS Inspector, AWS Security Hub
  • Identity and access: Google Workspace, SSO and MFA providers
  • Endpoint and device management: JAMF
  • Code and engineering: GitLab, GitHub
  • Collaboration and documentation: Slack, Notion, Google Workspace
  • SaaS governance and vendor review: internal review workflows and questionnaire tooling
Resume ExampleCover Letter Example

Explore more