Security Analyst

• PIMS Management: Manage the daily operations of the Privacy Information Management System (PIMS) based on ISO27701, ensuring that data minimization and data inventories are accurately maintained and regularly updated.
• Privacy by Design and Impact Assessments: Conduct comprehensive privacy by design assessments and privacy impact assessments, ensuring privacy considerations are integrated throughout the SDLC and across all projects.
• Contract Analysis and Compliance: Review and analyze contracts to determine compliance with privacy and InfoSec requirements, providing detailed feedback and expert advice to the legal team. Ensure that the organization's privacy policies are reflected in all contractual agreements.
• Vendor Risk Management: Conduct detailed risk assessments of third-party vendors, evaluating the criticality of their data processing activities and providing recommendations for compliance with InfoSec and privacy standards.
• Customer and Vendor Questionnaires: Manage and respond to InfoSec and privacy questionnaires from customers, ensuring accurate and comprehensive information is provided. Analyze responses from vendors to assess privacy and InfoSec risks and ensure compliance.
• Legislation and Compliance: Stay updated on complex privacy legislation and provide guidance on how these laws impact the organization's operations. Ensure that the organization's privacy practices are compliant with the latest regulatory requirements.
• Communication and Reporting: Prepare detailed reports on privacy impact assessments, vendor risk evaluations, and compliance activities. Communicate complex privacy requirements and risks to internal and external stakeholders in a clear and actionable manner.
• Audit Execution: Lead the preparation and execution of internal audits related to PIMS and ISMS, ensuring all documentation, evidence, and findings are comprehensive and align with audit requirements.
• External Audit Coordination: Serve as the primary point of contact during external audits, coordinating the collection of evidence, responding to auditor inquiries, and ensuring that audits proceed smoothly and efficiently.
• Environmental, Social and Governance: Lead and coordinate ESG-related initiatives, including conducting ESG assessments, tracking remediation actions, and preparing comprehensive reports for internal and external stakeholders. Oversee carbon emission inventories and ensure accurate data collection and reporting in alignment with sustainability and regulatory standards.

1. Experience
   • Minimum of 3 years in compliance, audit, or risk management.
2. Information Security & Business Continuity
   • Strong understanding of information security standards and business continuity frameworks.
3. ISO Frameworks
   • Proficient knowledge of ISO PIMS) and ISO ISMS) frameworks.
4. Audit Support
   • Hands-on experience supporting internal audits with solid knowledge of audit methodologies.
5. Core Competencies
   • Excellent analytical, documentation, and communication skills.
6. Language Proficiency
   • Advanced English (C1 level) is mandatory.

1. Certifications
   • Professional certifications such as CISA, ISO Lead Auditor, or equivalent.
2. Privacy & Data Protection
   • Familiarity with data privacy principles, including privacy by design, data minimization, and privacy impact assessments.
   • Ability to interpret and apply complex privacy legislation.
3. Vendor Risk Management
   • Experience with vendor risk management processes, particularly in data processing and privacy contexts.
4. Contract Analysis
   • Skilled in reviewing contracts with a focus on privacy and information security compliance.
5. ESG Knowledge
   • Understanding of ESG principles and their application in compliance and risk management.
6. Audit Exposure
   • Experience supporting external audits, especially those related to PIMS and ISMS.
7. Stakeholder Engagement
   • Strong communication and reporting skills for interacting with vendors, customers, and legal teams

• Support the management and maintenance of PIMS and ISMS.
• Conduct comprehensive Infosec, privacy and ESG assessments and contract analyses.
• Perform detailed vendor risk assessments and provide recommendations.
• Manage responses to internal and external customer privacy and InfoSec inquiries.
• Ensure compliance with privacy legislation and internal policies.
• Coordinate and support internal and external audits related to ESG, PIMS and ISMS.

Simeio is a global leader in Identity and Access Management (IAM), with over 650 employees across offices in the USA (Atlanta HQ and Texas), India, Canada, Costa Rica, and the UK. Founded in 2007 and backed by private equity firm ZMC, Simeio is recognized by industry analysts as a top IAM provider.

We deliver services across access management, identity governance and administration, privileged access management, and risk intelligence—partnering with leading IAM software vendors to support on-premise, cloud, and hybrid environments.

Our clients include Fortune 1000 companies across industries such as financial services, technology, healthcare, media, retail, public sector, utilities, and education.

Simeio is an equal opportunity employer. If you require assistance with completing this application, interviewing, or participating in the selection process, please let us know.

Simeio is an equal opportunity employer. If you require assistance with completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to any of the recruitment team at or