Senior Information Security Specialist

Remote Full-time
Company Description

SmartRecruiters is the Recruiting AI Company that transforms hiring for the world’s leading enterprises. Built for global scale, SmartRecruiters, an SAP company, delivers an AI-powered hiring platform that automates and optimizes the entire talent acquisition process, ensuring faster and smarter hiring decisions. More than 4,000 companies, including Amazon, Visa, and McDonald's, rely on SmartRecruiters to build winning teams. In 2025, SmartRecruiters joined SAP, the global leader in enterprise applications. Together, SmartRecruiters and SAP are accelerating the reinvention of hiring by combining cutting-edge AI innovation with the scale, reach, and resources of SAP’s ecosystem.
At SmartRecruiters, we are a values-driven, globally focused tech company with strong financial backing and a bold vision for the future of work. We commit and dig deep, embracing challenges with grit, curiosity, and a drive for excellence. We foster a collaborative and inclusive work environment, where trust and determination bring us together. Because together, we will win.

Recognized by Fosway Industry Analysts as a strategic leader in recruitment technology for three consecutive years, and awarded by Comparably as a top company for Women, Perks and Benefits, Work-Life Balance, Happiness, Compensation, Diversity, and Culture - we take pride in creating a place where everyone can thrive. Our remote-friendly culture, competitive salaries, and strong internal mobility ensure that high performers have meaningful growth opportunities in an environment built on respect and empowerment.

Job Description

SmartRecruiters is looking for a Senior Information Security Specialist to join the Governance, Risk & Compliance (GRC) team. This role is critical to ensuring that SmartRecruiters' applications, systems, and processes remain compliant with industry standards and regulatory requirements, including ISO 27001, ISO 22301, ISO 42001, SOC 2 Type II, Cyber Essentials, GDPR, and the EU AI Act.
The successful candidate will combine strong GRC expertise with a technical, engineering mindset - someone who can drive compliance programmes across multiple frameworks while also stepping into complex technical topics such as business continuity, AI security, and cloud compliance. Critically, this is not a purely audit-focused role; we need someone who can dig into technical details, assess security architectures, support forensic investigations, build automation to replace manual processes, and provide hands-on guidance to engineering and security teams. A core part of this role is identifying opportunities to engineer scalable, repeatable solutions, from compliance evidence collection to policy enforcement, rather than relying on manual effort.

Responsibilities
Governance, Risk & Compliance
Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability.
Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports.
Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
Support vendor risk management activities, including third-party security assessments and due diligence reviews
Business Continuity & ISO 22301
Serve as a subject matter expert or key contributor for the Business Continuity Management System (BCMS), supporting the strategy, framework, and audit programme under ISO 22301
Support Business Impact Analysis (BIA), BCP/DRP development, recovery exercises, and continuity metrics management
AI Security & Compliance
Support AI security and compliance activities, including the assessment of AI-related risks, alignment with ISO 42001 controls, and regulatory readiness under the EU AI Act
Collaborate with product and engineering teams to evaluate security controls for AI/ML features and services

Qualifications

5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
Demonstrated compliance or auditing experience with at least one major framework
Hands-on experience with incident response - including participation in security incident investigations, containment, and post-mortem processes
Solid understanding of controls auditing principles and evidence management
Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
Knowledge of risk management methodologies and experience conducting or supporting risk assessments
Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
A strong understanding of technology, cloud-based products, and SaaS environments
Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
Experience with ISO 27001
Excellent written and verbal communication skills in English
Nice to have
Professional certifications such as CISA, CRISC, CISM, CISSP, CCSK, CCSP, or equivalent
Experience with ISO 9001, 27017, and 27018
Experience with ISO 22301 (Business Continuity), including BIA, BCP/DRP, and recovery testing
Experience with BSI C5 (Cloud Computing Compliance Criteria Catalogue) or similar cloud-specific compliance frameworks
Knowledge of AI security principles, experience with ISO 42001, or familiarity with the EU AI Act and its technical requirements
Experience with enterprise risk management frameworks and tools
Understanding of threat modelling methodologies and secure development lifecycle (SDLC) principles

Additional Information

SmartRecruiters is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Apply To This Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Remote Customer Support Specialist – Part-Time Flexible Hours, Work From Home Opportunity

Remote

W2 Role :: AI Automation Specialist :: Fremont, CA, with Tuesday–Thursday in office (If needed, the role can be remote with PST working hours)

Remote

Want Finance Manager - Capital Reporting & Analysis (Remote) in Cedar Rapids, IA

Remote

Immediate Hiring: Social Technical Project Manager (Remote)

Remote

[Remote] Workday Adaptive Planning Lead Consultant

Remote

[Remote Part-time jobs] Amazon Customer Service Job

Remote

**Experienced Online/Live Chat Agent – Customer Service Representative for arenaflex**

Remote

Customer Service Representative (Remote)

Remote

Remote Entry-Level Live Chat Support Specialist – Flexible Part‑Time Customer Service & Billing Assistance

Remote

Experienced Customer Service Representative – Remote Career Opportunity with Comprehensive Training and Competitive Salary at blithequark

Remote
← Back