IT Security Specialist

The IT Security Specialist reports to the IT Security Manager and is responsible for security incident management operations at Vistex in accordance with Vistex IS policies and standards.

Responsibilities:

• Acts as a representative and contact point for IT Security queries and issues at the Vistex Hoffman Estates office in Chicago.
• Operates and develops procedures to ensure ISO27001 and SOC audit requirements are met.
• Develops, conducts, and improves security processes and procedures in line with Vistex information security standards and policies.
• Responds to customer and partner security assessments, questionnaires, and queries.
• Provides reports on Information Security metrics as required.
• Acts as an escalation point for security incidents within the IT Security function.
• Actively monitors and responds to alerts and detections in Vistex’s security toolset, including SIEM, endpoint protection, web filtering/DNS protection, and Office 365 alerts.
• Works closely with Vistex teams and manages service providers to implement security improvements, address vulnerabilities, and respond to security issues.
• Adapts flexibly to project needs and collaborates with colleagues from other regions or during out-of-hours incidents.
• Identifies and stays informed of the latest security trends and issues through various publications and sources.

The compensation for this position is $80k - $88k CAD. Base pay varies depending on factors such as location, knowledge, skills, and experience. The package may include discretionary annual bonuses. Vistex offers comprehensive benefits, including healthcare and paid time off, including volunteer days.

About us: The Vistex platform helps businesses manage promotions, rebates, SPAs, discounts, and incentives. It enables business leaders to see the effectiveness of their programs and make informed decisions, trusted by companies like Coca-Cola, Sony, and Grainger.

Motivations:

Bachelor's or higher in Information Technology or related field.

• 2-3 years of Information Security experience.
• Experience with security frameworks such as ISO27001, SOC 2, NIST, PCI-DSS.
• Understanding of IT and infrastructure technologies: servers, networks, firewalls, databases, applications.
• Familiarity with security technologies: vulnerability management, SIEM, IDS/IPS, cloud security.
• Knowledge of security concepts: defense-in-depth, least privilege, separation of duties, threat modeling.
• Proficiency with MS Office, especially Excel, for documentation and data analysis.
• Strong written and verbal communication skills in US English.

Security certifications such as CompTIA Security+, ISC2 CC, CISA, ISO27001, etc.