About the Role 

The ISO Consultant works to execute assessment activities and provide technical leadership to the team. In this role, you will be responsible for the execution of ISO assessments alongside a variety of other client-facing security services. As the ISO Consultant, you will provide exceptional organizational and technical strategies to help the continued growth of our fast-paced company while leveraging your existing experience with industry frameworks like SOC, SOX, or PCI DSS. A-LIGN will depend on you to support management and high-profile clients in a virtual environment that prioritizes project quality over traditional metrics like chargeability goals or time reporting. To ensure your success, we will provide you with ISO-specific training courses and dedicated mentorship from our most experienced consultants.

Reports to

Managing Consultant 

Pay Classification

Full-Time 

Responsibilities 

• Plan and execute ISO engagements under the direction of the management team
• Lead assessments during remote or onsite testing
• Lead scoping calls about client environments
• Communicate clearly and proactively with both clients and management team regarding project status

Minimum Qualifications 

EDUCATION 

• Bachelor’s Degree in Information Security or related discipline, preferred but not required

EXPERIENCE 

• Knowledge or exposure to IT audits or IT security
• 1-2 years of experience conducting IT assessments with at least one industry standard framework such as SOC, ISO, SOX, PCI DSS, etc.

CERTIFICATIONS 

• Currently holds one relevant industry certification such as CISA, CISM, CISSP, etc. - preferred, but not required

SKILLS 

• Ability to adapt to changing standards and expectations
• Ability to work in a fast-paced environment
• Ability to work individually as well as part of a team
• Ability to meet tight deadlines
• A high degree of motivation
• Excellent communication skills including a mastery of written English

Benefits 

• Healthcare, Dental, and Vision Benefits
• EAP - Employee Assistance Program
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• Public Transportation Card
• Multisport Card
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 24-January 1
• Summer Hours

About A-LIGN 

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com. 

Come Work for A-LIGN! 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  

A-LIGN is an Equal Opportunity Employer. 

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.

About the Role

The GRC analyst helps maintain A-LIGN’s management system as it relates to information security standards. In this role, you will be responsible for the coordination, maintenance, and improvement of A-LIGN’s corporate compliance program, including internal and external audits.

Reports to

Director of Compliance and Program Management

Pay Classification

Full-Time

Responsibilities 

• Support information security compliance programs across applicable frameworks, including SOC 2, ISO 27001, ISO 42001, FedRAMP, CMMC, and NIST 800-53/171
• Coordinate audit, assessment and testing activities with internal and external stakeholders
• Validate identified findings and nonconformities, manage remediation tracking, monitor resolution progress, and report status to stakeholders
• Review, update, and maintain information security documentation in accordance with applicable standards and organizational objectives
• Maintain and update the GRC platform (Optro) current with risk, control, and compliance data
• Assist with the implementation and ongoing management of data loss prevention (DLP) programs, including false positive identification, policy violations, incident monitoring and response coordination
• Support third-party risk management activities, including contractor oversight and vendor due diligence reviews
• Assist with client-issued security questionnaires and assessments
• Assist with risk management, vulnerability management, incident reviews, data disposal reviews, and BC/DR planning and testing
• Monitor and track employee completion of security training and awareness programs

Minimum Qualifications

EDUCATION

• Bachelor’s degree in management information systems, Information Security, Cybersecurity, Business or a related field or an equivalent combination of education and experience

EXPERIENCE

• At least 1 year of IT security, governance, risk, or compliance-related experience
• Knowledge of security and risk frameworks
  • Preferred knowledge of SOC 2, ISO 27001, ISO 42001, FedRAMP, CMMC, NIST 800-53, NIST 800-171
• Preferred: Knowledge of GRC tools (Optro, OneTrust, etc.)

CERTIFICATIONS         

• Preferred: CISA, CISM, Security+, CCSK, ISO Lead Auditor

SKILLS

• Ability to meet deadlines with a high degree of motivation
• Excellent critical thinking and problem-solving skills
• Strong communication and organizational skills
• Thrives in a fast-paced environment
• Ability to work individually as well as collaboratively

Benefits

• Healthcare, Dental, and Vision Benefits
• EAP - Employee Assistance Program
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• Public Transportation Card
• Multisport Card
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 24-January 1
• Summer Hours

About A-LIGN 

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com. 

Come Work for A-LIGN! 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  

A-LIGN is an Equal Opportunity Employer. 

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.

About the Role 

The Accounting Payroll Specialist will execute department activities and ensure the seamless flow of our global financial operations. In this role, you will be responsible for supporting payroll process tasks and executing accounts payable activities across our diverse international footprint, including the United States, Bulgaria, Panama, Ireland, the United Kingdom, and India. As the Accounting Payroll Specialist, you will provide exceptional organizational and analytical strategies to help continued growth of our fast-paced company by mastering the payroll nuances of each country and partnering with internal and external stakeholders. A-LIGN will depend on you as the Accounting Payroll Specialist to support management through meticulous data audits, payroll processing tasks and invoices, and the performance of critical journal entries and reconciliations that underpin our financial integrity.

Reports to

Accounting Manager 

Pay Classification

Full-Time 

Responsibilities 

• Execute payroll processing tasks for A-LIGN’s worldwide operations, including the US, Bulgaria, Panama, Ireland, UK, and India, while developing a deep understanding of country-specific payroll nuances
• Create and process payable invoices and review expense reports
• Creating vendor payments for processing payments
• Conduct regular audits of financial data to ensure completeness and accuracy across all payroll and AP activities
• Partner effectively with both internal departments and external partners to ensure the timeliness of payments and compliance with local regulations
• Perform journal entries, account reconciliations, and other reporting tasks to support the goals of the accounting department
• Prepare documentation and reconciliations to support annual financial statement audits, benefit audits, and other regulatory reviews
• Adapt to changing business priorities in a fast-paced environment, identifying and solving problems to support the broader needs of the business

Minimum Qualifications 

EDUCATION 

• Bachelor’s degree in Accounting, Finance, Business Administration, or Economics or relevant education and experience 

EXPERIENCE 

• At least 3 years of experience in payroll, including activities in support of: Standard Earnings, Non-standard earnings, Taxes, Benefits, Payments 
• Preferred experience processing payroll for employees within more than one country 
• Preferred experience in accounts payable 
• Preferred experience with Workday/ CloudPay

SKILLS 

• Ability to meet deadlines with a high degree of motivation 
• Excellent English communication skills, both written and verbal
• Thrives in a fast-paced environment 
• Ability to work individually as well as collaboratively 

Benefits 

• Healthcare, Dental, and Vision Benefits
• EAP - Employee Assistance Program
• Competitive Bonus Structure
• Home Office Reimbursement
• Technology Allowance
• Certification Reimbursement
• Public Transportation Card
• Multisport Card
• Personalized Career Coaching
• Generous Paid Time Off
• Paid Office Closure December 24-January 1
• Summer Hours

About A-LIGN 

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com. 

Come Work for A-LIGN! 

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.  

A-LIGN is an Equal Opportunity Employer. 

The personal data you provide to us is processed by A-LIGN Bulgaria. Your personal data is shared with employees of A-LIGN, and the candidate data retention period is 6 months. You have the right to obtain information about the processing of your personal data. In addition, you have the right to correct, to block, and to delete your data in accordance with the local laws and regulations. For more information you can visit A-LIGN’s Job Ads Privacy Policy.

At Yotpo, we are committed to creating secure, reliable, and innovative solutions for our customers. The Security Team is a core part of every aspect of Yotpo’s business - from customers to backend systems and everything in between. As a Senior Cloud Security Engineer, you will play an integral role in designing, maturing, and automating our cloud security controls. You will also contribute to other security domains and initiatives such as Incident Response, Security Monitoring and Risk Management. You will work in close partnership with our DevOps, R&D and Product teams to help strengthen our security posture and our platform.

Why Join Us:

• Engineers will immerse themselves in a complex, large-scale environment that offers the chance to work with diverse technologies. This unique setting is an exceptional opportunity for growth that not every company can provide.
• Be at the forefront of cybersecurity, tackling complex and emerging challenges.
• Freedom to innovate and implement impactful solutions that directly enhance Yotpo’s overall security posture.
• Engage with a wide range of projects to develop deep knowledge across multiple security domains.

Key Responsibilities:

• Serve as Cloud Security Subject Matter Expert (SME), actively supporting R&D and product teams in developing secure solutions.
• Design secure cloud architectures and implement practical, automated, and scalable controls across services in partnership with DevOps, R&D, and Product teams.
• Continuously assess cloud security posture, identifying gaps and opportunities to reduce risk and adopt best practices.
• Implement, mature, and automate end-to-end cloud security controls across AWS, Kubernetes, CI/CD pipelines, and self-managed systems.
• Lead and improve vulnerability management workflows; communicate vulnerabilities and mitigation strategies to stakeholders, balancing business agility and security.
• Own the full lifecycle of security initiatives from proof of concept (POC) and design to deployment and operation while promoting a security-first mindset.
• Maintain and develop the team knowledge base.
• Stay curious and enjoy working with modern security tools and technologies.

Requirements

• 5+ years of hands-on experience as Cloud Security Engineer, DevSecOps, or similar roles within an AWS environment.
• Expertise in managing cloud security controls (IAM, Security Groups/ACLs, WAF, IDS/IPS, load balancing, proxies, VMs, serverless).
• Experience securing Kubernetes and containerized workloads.
• Proficiency with Python/Bash scripting and automation.
• Experience with Infrastructure-as-Code (IaC), preferably Terraform, and CI/CD tooling (e.g., GitHub Actions).
• Strong communication skills to influence and guide teams as a cloud security SME.
• Excellent problem-solving skills for high-complexity environments.
• Excellent written and verbal English.

Preferred Qualifications (Nice to Have):

• AWS certifications (AWS Certified Solutions Architect, AWS Certified DevOps Engineer, AWS Certified Security - Specialty).
• Experience with CSPM, CNAPP, CWPP, and EDR solutions.
• Familiarity with security standards and frameworks (ISO, TSC, NIST) and their application to cloud environments.

Team Culture:

The Security Team at Yotpo thrives on risk-based thinking, vigilance, proactiveness, collaboration, and continuous learning. Every member plays a critical role in protecting our company and our customers. By fostering an atmosphere of trust and mutual respect, we empower each other to embrace challenges, share expertise, and innovate solutions.

What we offer:

• Track to success – work in a dynamic organization with ambient and laid-back office atmosphere
• Individualized career development, rewards, and recognition.
• Work-life balance – 25 days paid vacation with add-ons for loyalty, regular team buildings and celebrations in and outside the country
• Additional health insurance package
• Internal mobility program and refer-a-friend program
• Managing a fixed monthly budget for social benefits thru Re:Benefit – a flexible online benefits solution
• Food vouchers
• E-learning portals and knowledge sharing sessions.
• Company backed Hackathons, Tech conferences, workshops events, etc
• Stocked kitchen and bar.
• Equity in options.
• Flexible hybrid capacity

If you don’t meet 100% of the qualifications outlined above, that’s okay! We believe in hiring people, not just skills. If you have a passion to learn and are excited about eCommerce and technology, then we want to hear from you.

Help us be the best version of Yotpo by building something great together!

About the Role

We are looking for an experienced Security Engineer to assist in maintaining and improving the organization’s security posture through proactive monitoring, vulnerability management, and incident response. As a key member in our IT & Security Team. this role is ideal for individuals passionate about cybersecurity who are eager to grow their technical skills and contribute to safeguarding enterprise systems and data.

Responsibilities

• Lead the evaluation, implementation, and continuous improvement of cybersecurity controls across the organization to ensure alignment with internal security standards and regulatory requirements.
• Conduct vulnerability assessments and coordinate remediation activities with engineering and infrastructure teams, including risk prioritization, tracking, and reporting.
• Manage and maintain endpoint security controls, including system monitoring, patch management, and security configuration to ensure optimal performance and protection across enterprise environments.
• Configure, manage, and optimize the organization’s mobile device management (MDM) and endpoint protection platforms, ensuring effective coverage and policy enforcement.
• Oversee software deployment, operating system imaging, and patch compliance across enterprise endpoints, ensuring timely updates and adherence to security baselines.
• Monitor, investigate, and respond to security alerts and incidents using SIEM, EDR, and related security tools, ensuring effective containment, remediation, and post-incident analysis.
• Document security monitoring activities, incident investigations, and response actions in ticketing and case management systems to ensure traceability and continuous improvement.
• Collaborate with engineering, IT, and product teams to define, implement, and maintain security baselines and secure configurations across systems and endpoints.
• Participate in the security assessment and due diligence of third-party vendors and service providers, including reviewing security documentation and identifying potential risks.
• Assist in responding to customer security inquiries and completing security questionnaires, supporting sales and customer assurance processes with accurate and timely information.
• Contribute to security awareness initiatives and promote security best practices across the organization.
• Provide guidance and mentorship to junior team members on security operations, endpoint security, and incident response practices.

Requirements

Education & Certifications

• Degree in Computer Science, Information Security, Information Technology, or a related field.
• 4+ years of experience in cybersecurity, information security, or a related technical role.
• Professional security certifications are considered a strong advantage, such as CompTIA Security+, Cisco CyberOps Associate/Professional, Azure Security Engineer, Google Professional Cloud Security Engineer, CEH, or similar security certifications.

Technical Skills

• Understanding of networking concepts and protocols, including TCP/IP, DNS, firewalls, VPNs, and network segmentation.
• Hands-on experience in security operations, including endpoint security, vulnerability management, threat detection, and incident response within enterprise environments.
• Practical experience with SIEM, EDR, and centralized logging platforms (e.g., Splunk, Microsoft Sentinel, CrowdStrike, or similar), including alert investigation, detection tuning, and incident analysis.
• Experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS) and the ability to interpret scan results, prioritize remediation, and coordinate fixes with engineering or infrastructure teams.
• Ability to develop or maintain automation scripts using PowerShell, Python, or Bash to improve security monitoring, reporting, or operational workflows.
• Familiarity with endpoint management and security technologies, including MDM platforms and endpoint protection solutions.
• Understanding of security best practices, system hardening, and security baselines across operating systems and enterprise environments.
• Continuous professional development through security certifications, training, industry events, or participation in the cybersecurity community.

Soft Skills

Strong analytical and problem-solving skills

• High attention to detail and ability to prioritize tasks in a fast-paced environment

Excellent communication and teamwork

• Eagerness to learn, adapt, and grow in a dynamic cybersecurity team.

Company Benefits

• Competitive compensation package
• 30 days holiday paid leave
• One week exchange policy to another Payhawk office (London, Berlin, Barcelona, Paris, Amsterdam and Vilnius)
• Flexible working hours and opportunity to work from home
• Regular team-wide events
• Additional medical care
• MultiSport card fully funded by us
• Company office massages
• Personal assistant service
• Opportunity to use the Payhawk product (that is, essentially, built by you).