Information Security Specialist

Looking to hire your next Information Security Specialist? Here’s a full job description template to use as a guide.

About Vintti

Vintti specializes in providing US companies with a financial edge through smart staffing solutions. We bridge the gap between American businesses and Latin American talent, offering access to a vast pool of skilled professionals at competitive rates. This approach enables our clients to scale their operations more efficiently, reduce hiring costs, and invest in growth opportunities without compromising on quality.

Description

An Information Security Specialist is vital in safeguarding an organization's data and systems against cyber threats and security breaches. This role involves designing and implementing robust security measures, monitoring for vulnerabilities, and responding to incidents to minimize risk. Specialists work to ensure compliance with legal and regulatory requirements while educating employees on best security practices. Their expertise is crucial in maintaining the integrity, confidentiality, and availability of sensitive information, thus playing a key role in the overall cybersecurity strategy of the organization.

Requirements

- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
- Minimum of 3-5 years of experience in information security or related discipline.
- Professional certifications such as CISSP, CISM, CEH, or equivalent.
- Strong understanding of security principles, techniques, and technologies.
- Practical experience with SIEM systems, firewalls, IDS/IPS, and endpoint protection tools.
- Proficiency in conducting vulnerability assessments and penetration testing.
- Knowledge of regulatory requirements and industry standards such as GDPR, HIPAA, PCI-DSS, and ISO 27001.
- Familiarity with security frameworks like NIST, ISO, and COBIT.
- Experience deploying, configuring, and maintaining security devices.
- Strong analytical and problem-solving skills.
- Ability to document findings and recommend remediation actions effectively.
- Experience in developing and implementing security policies and procedures.
- Strong communication and interpersonal skills for training and collaborating with teams.
- High level of integrity and professionalism.
- Continuous learning mindset to stay updated with emerging security threats and technologies.
- Ability to manage multiple tasks and prioritize effectively.
- Experience with secure network architectures and protocols.
- Proficiency in access control reviews and user access management.
- Experience with software development life cycles (SDLC) and integrating security practices.
- Ability to respond to and resolve security-related service desk tickets and inquiries.
- Experience with business continuity and disaster recovery planning.
- Knowledge of key performance indicators (KPIs) and security metrics reporting.
- Ability to support internal and external security audits and assessments.
- Strong attention to detail.

Responsibilities

- Monitor and analyze security alerts from various sources such as SIEM systems, firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
- Conduct thorough investigations of security incidents and breaches, documenting findings and recommending remediation actions.
- Perform regular vulnerability assessments and penetration testing to identify and mitigate security weaknesses.
- Develop, implement, and maintain security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices.
- Manage the deployment, configuration, and maintenance of security devices, such as firewalls, anti-virus software, and encryption tools.
- Collaborate with IT teams to design and implement secure network architectures and protocols.
- Review and assess the security posture of third-party vendors and contractors.
- Educate and train employees on information security best practices and company policies through regular workshops and awareness programs.
- Ensure timely application of software patches and security updates to maintain system integrity.
- Perform regular audits and risk assessments to evaluate the effectiveness of current security controls and identify potential areas for improvement.
- Assist with the creation and maintenance of business continuity and disaster recovery plans.
- Track and report on key performance indicators (KPIs) related to information security and incident response activities.
- Stay current with emerging security threats, technologies, and regulations by engaging in continuous professional development and attending relevant industry conferences and seminars.
- Conduct access control reviews and ensure proper user access management to sensitive systems and data.
- Work collaboratively with cross-functional teams to integrate security into software development life cycles (SDLC).
- Provide expertise and support during internal and external security audits and assessments.
- Respond to and resolve security-related service desk tickets and inquiries from employees.

Ideal Candidate

The ideal candidate for the role of Information Security Specialist will possess a bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, coupled with 3-5 years of hands-on experience in the information security domain. They should hold professional certifications such as CISSP, CISM, or CEH, and demonstrate a robust understanding of security principles, techniques, and technologies, including practical experience with SIEM systems, firewalls, IDS/IPS, and endpoint protection tools. This individual will be proficient in conducting vulnerability assessments and penetration testing, with thorough knowledge of regulatory requirements and industry standards like GDPR, HIPAA, PCI-DSS, and ISO 27001. Familiarity with security frameworks such as NIST, ISO, and COBIT is essential, as is experience in deploying, configuring, and maintaining security devices. The ideal candidate will exhibit strong analytical and problem-solving abilities, effective documentation skills, and experience in developing and implementing security policies and procedures. Excellent verbal and written communication skills are imperative for training and collaborating with various teams, combined with high integrity, professionalism, and a continuous learning mindset to stay abreast of emerging threats and technologies. This person will be adept at managing multiple tasks, prioritizing effectively, and demonstrating strong organizational and multitasking abilities. They will exhibit a proactive, self-motivated attitude, an adaptable nature, and a customer-focused, service-oriented mindset, with the resilience to handle challenging situations calmly and effectively. The candidate must have experience with secure network architectures, access control reviews, SDLC integration, and business continuity and disaster recovery planning. 
Finally, the ideal candidate will have strong project management skills, confidentiality, and discretion in handling sensitive information, along with a strong commitment to continuous improvement and excellence in their work.

What we are looking for

- Detail-oriented and meticulous
- Strong analytical and problem-solving skills
- Excellent verbal and written communication skills
- High level of integrity and ethical behavior
- Proactive and self-motivated
- Ability to work well under pressure
- Strong organizational and multitasking abilities
- Collaborative team player with a strong sense of accountability
- Continuous learner with a passion for staying current on emerging threats and technologies
- Ability to think critically and make sound decisions quickly
- Strong interpersonal skills for effective collaboration with diverse teams
- Demonstrates initiative and a proactive approach to identifying and mitigating risks
- Strong technical aptitude and ability to understand complex systems
- Adaptable and open to change in a fast-paced environment
- Customer-focused with a service-oriented mindset
- Ability to train and educate others effectively
- Strong project management skills and ability to prioritize tasks
- Confidentiality and discretion in handling sensitive information
- Resilient and able to handle challenging situations calmly and effectively
- Strong commitment to continuous improvement and excellence in their work

What you can expect (benefits)

- Competitive salary range based on experience and qualifications
- Comprehensive health, dental, and vision insurance
- Flexible work schedule with remote work options
- Generous paid time off (PTO) including vacation, sick leave, and holidays
- 401(k) retirement plan with company matching
- Opportunities for performance-based bonuses and incentives
- Professional development and certification reimbursement
- Access to online learning platforms and industry conferences
- Employee wellness programs and resources
- Life and disability insurance coverage
- Parental leave and family support benefits
- Stock options or equity participation (if applicable)
- Commuter benefits and transportation reimbursement
- Employee assistance programs (EAP) for personal and professional support
- Collaborative and inclusive work environment
- Opportunities for career advancement and internal mobility
- Recognition and reward programs for outstanding performance
- Access to cutting-edge technology and tools
- Tuition reimbursement for continuing education
- Team-building activities and company events
- On-site gym or fitness membership reimbursement (if applicable)
