Information Security Specialist

What does KLAR do?Klar is working hard to bring digital banking to everyone in Mexico.What is so special about digital banking?Traditional banks have overhead costs per customer that make it unprofitable for them to serve people with smaller deposits or who live in remote areas.By bringing down the cost of banking, Klar is working towards making it possible for the people who need it most to get access to a line of credit to carry them through a rough week or help them grow their own small business.We are a co-located company with Offices in Ciudad de México, México and Berlin, Germany.Your daily adventures will beThis position is based in Ciudad de México, México.While we support flexible working arrangements (home office, periodic remote work) we focus our time zones on Berlin and Mexico City and value a strong team culture with the possibility to meet up for in-person meetings and informal social gatherings.The Information Security Specialist will be accomplishing results through the execution and delivery of the end-to-end security projects for a wide range of business and technological needs.This SME will be focused on identifying security risks, and defining and executing safeguards to manage them.The Information Security Specialist will support CISO on creating, monitoring and executing action plans to manage key performance and risk indicators (KPIs and KRIs) as part of the day-to-day responsibilities.This is a hands-on role executing and/or assisting on the administrative, technical and organizational security controls across the organization required by applicable regulations and industry standards.**What you will be doing**:- Coordinates, leads and executes the deployment of security policies in tangible actions with the areas involved.- Execute the information security processes in charge.- Define and establish an information security framework based on Klar's information security policies and standards.- Assess and determine the inclusion of new security frameworks and industry best practices based on well-known benchmarks.- Develop and ensure that the information security policies and standards are up-to-date according to the business needs as well as technological, operating and regulatory changes.- Ensure the information security awareness program aiming to mitigate people-related cyber risks.- Coordinate and ensure that all the ISMS artifacts are current and accurate.- Ensure that all regulatory and industry security requirements are met by all business units.- CNBV/Fintech lawBanxico / SPEI cyber security requirementsISO *****************PCI DSS- Set and monitor KPIs and KRIs and define action plans to address negative results.- Based on the organizational security strategy, define the requirements for its team in terms of hard and soft skills growing.- Develop, sustain and lead the following processes:- Risk assessment and analysisHuman resources securityAsset securityCloud Security (AWS)Network securityVulnerability managementIdentity and access managementEndpoint securityThird-party risk managementComputer security incident responseWhat you bring to the table- Bachelor's degree and Fluent in English.- 5+ years of end-to-end information security experience, preferably in a high-growth tech environment.- Experience working in a fast-paced startup environment is a nice-to-have.- One of the following certifications are nice-to-have:- CompTIA Security +CSX Cybersecuity Fundamental CertificateSystems Security Certified Practitioner (SSCP)Certificate of Cloud Security KnowledgeCISM (Certified Information Security Manager)- Capacity to adapt in a fast-moving environment.- Excellent communication skills both written and verbal, with a proactive nature for keeping stakeholders up to date, and an ability to prioritize projects in a fast-paced company that is going through substantial growth.- Eye for detail, process oriented mindset and structured approach.- Capacity to work to tight timeframes, with a natural ability to manage competing priorities and a proven ability to meet deadlines.What do we offer?- Working in a very international team.- Flexible work environment, with home office and remote work arrangements.- Competitive Compensation, including equity.- A world-class team that helps you evolve your skills in areas you're interested in.- An opportunity to have a real impact on the financial landscape of Mexico.