Timely is a fast-growing startup, revolutionizing the way people track their time. We’re building innovative solutions that make time tracking effortless through AI-powered automation. At Timely, we prioritize user privacy and believe that the future of time tracking lies in seamless, intelligent tools that respect individual boundaries while enhancing productivity.
Timely is backed by some of the leading venture capital funds in Europe, including Concentric, Snö, 500 Startups, and Melesio, among others. We’ve been featured in major global publications such as TechCrunch and the BBC for our innovative approach to time management solutions.
Job Description
We are looking for a highly skilled and motivated Information Security Analyst/ Security Compliance Specialist with 3+ years of experience to address complex security challenges, drive proactive security initiatives, and effectively support compliance needs. You will collaborate closely with our security, engineering and product team to ensure security compliance.
Key Responsibilities
Security Assessments:
- Manage and complete security assessment questionnaires from clients, vendors, and partners.
- Evaluate vendor security and compliance by reviewing their responses and supporting documentation.
Risk Identification:
- Identify security risks within the company’s IT infrastructure and services.
- Assess potential risks posed by vendors or partners during onboarding.
Compliance Monitoring:
- Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks.
- Work with internal teams to maintain compliance with legal and regulatory requirements.
Collaboration:
- Collaborate with the IT security, legal, and procurement teams to address concerns identified in the security assessments.
- Coordinate with vendors to ensure their security practices meet company requirements.
Policy Development:
- Develop and maintain internal security policies and procedures related to vendor assessments and third-party risk management.
Reporting:
- Prepare detailed reports summarizing findings from security assessments and risk analysis.
- Provide recommendations to improve security measures and compliance.
Training:
- Educate internal staff and external partners about security best practices and compliance requirements
Qualifications
- 3+ years of experience in information security, cybersecurity, or IT compliance.
- Strong communication skills, both written and verbal, with remote teams in English.
- Proven ability to work independently, with attention to detail and a systematic approach.
- Experience/Familiarity with standards like ISO 27001, NIST, GDPR, SOC 2, PCI-DSS, or HIPAA.
Desirable Skills
- Cloud Security: AWS, Azure, Google Cloud security practices.
- Data Privacy Expertise: GDPR, CCPA, HIPAA knowledge.
- Advanced Threat Detection: MITRE ATT&CK, malware analysis, pen testing.
- Security Frameworks: CIS Controls, Zero Trust, NIST, COBIT.
- Security Automation: SOAR platforms for incident response.
- Forensics & Investigation: Digital forensics basics, evidence analysis.
- Network & Endpoint Security: Firewalls, IDS/IPS, VPN, EDR solutions.
What We Offer
- Competitive salary and stock options in a fast-growing startup.
- Modern office in Pune with great colleagues.
- Opportunity to work on cutting-edge technology and make a significant impact on our product.
- A dynamic, diverse, and inclusive team culture where your input and creativity are valued.
What We Value
Trust, open-mindedness, curiosity, respect, and fun are at the core of our culture. We are looking for people who thrive in an environment of self-improvement, honesty, and openness. Diversity is important to us, and we believe that people from different backgrounds working together can achieve incredible things. We want you to be the best version of yourself while working with us to build the next big tech company.
Join us and be part of a team that values your contributions!