Information Security Specialist

The Infosec team in Helpshift supports the business functions in maintaining the infosec and privacy posture across the product areas. The team is actively responsible in ensuring that the Helpshift product is in compliance with leading industry compliance regulations for security and privacy. Additionally, the team also works with technical teams within Helpshift to ensure that technical security controls are implemented effectively across the product. You’ll be part of a team that reviews and designs controls that helps protect the security and privacy posture of the Helpshift Product as it evolves to meet growing customer requirements.

Job Summary:

The Infosec team is within the global KWS services organization and is in charge of information security. This individual will help to maintain and further build Helpshift’s security compliance capabilities and will be responsible for providing expertise and support for KWS studios around the globe.

• Protect systems and information infrastructure, including firewalls and data encryption programs by helping define, document & enforce security policies within the organisation.
• Support and Maintain the Security compliance requirements related to GDPR, SOC2, ISO27001, HIPAA, CCPA, Chinese Privacy laws etc.
• Support internal business functions with Customer facing asks such as responding to security questionnaires, information requests, completing periodic customer audits.
• Support Product teams in Security testing end evaluation of new product features
• Provide Information Security consulting to internal business units & service lines.
• Support service lines and business units in compliance to internal policies and client requirements, including planning for and executing on infrastructure and architecture decisions.
• Perform periodic internal penetration testing
• Perform GRC functions across the organisational business units to maintain visibility and achieve compliance where needed.
• Perform daily security tasks such as: internal audit, risk assessments, threat monitoring, vulnerability management, endpoint protection, tracking deliverables for security.
• Manage and deploy security infrastructure, including alerting, response, logging systems.
• Identification of IOCs/TTPs and applicable techniques for mitigation.
• Research, development & implementation of technologies aimed at strengthening the overall security posture of the company globally.
• Help the team with monitoring for, responding to & reporting on security incidents, for critical incidents.