Job Description
Full details about the role and requirements
Yukerja Summary
The InfoSec Analyst role at AltoVita is curated from Remote Jobs (category Teknologi & IT). This role is marked as remote — check timezone and location requirements on the official listing. Yukerja.com is not the employer — applications are handled on the official source site.
# InfoSec Analyst - AltoVita
**Location:** London, United Kingdom
**Department:** Engineering
## About the Company
AltoVita is a female-founded scale-up with approximately 100 employees across 26 countries, speaking 29 languages collectively. The company is a multi-award winning accommodation platform that enables enterprises to consolidate accommodation programmes through proprietary technology and a human-centric approach. AltoVita recently closed Series A financing and will be entering Series B rounds. The company operates a network of 10 million+ verified properties across 35,000+ cities in 165 countries worldwide.
##
Key Responsibilities
**Security and Privacy Operations**
- Support day-to-day operation of AltoVita's information security and privacy activities
- Maintain security, privacy and compliance documentation
- Track security and privacy actions, control improvements and remediation activities
- Maintain registers including risks, issues, actions, policies, vendors, assets, data processing activities and control evidence
- Coordinate updates between internal teams to ensure progress on agreed actions
- Prepare security and privacy reports, summaries and updates for internal stakeholders
- Ensure security and privacy activities are documented, repeatable and easy to evidence
- Escalate risks, issues or delays to the CISO or relevant business owner
**Compliance and Audit Support**
- Support internal and external compliance activities including ISO 27001, SOC 2, GDPR and client assurance
requirements
- Gather evidence for audits, assessments and control reviews
- Maintain audit trackers, evidence folders and compliance records
- Coordinate with internal teams to obtain required documentation and control evidence
- Support follow-up actions from audits, assessments or client reviews
- Assist with maintenance of policies, procedures and standards
- Ensure compliance activities are well organised and delivered within agreed timelines
- Support CISO and control owners with audit preparation and remediation tracking
**Policy and Documentation Support**
- Maintain clear, practical and accessible security and privacy documentation
- Review and update information security and privacy policies
- Assist with creation of standards, procedures, guidance notes and user-facing materials
- Ensure documents are version controlled, approved and communicated appropriately
- Maintain policy review schedules and track required updates
- Draft practical guidance for employees on security and privacy topics
- Support communication of policy changes across the business
- Ensure documentation is accurate, consistent and aligned to business processes
**Security Awareness and Culture**
- Carry out security and privacy training administration and ensure 100% completion rates across the business
- Support development of awareness content, reminders, newsletters, FAQs and guidance
- Coordinate phishing simulations and follow-up communications
- Track training completion and awareness participation
- Support campaigns that promote secure behaviours and good privacy practices
- Make security and privacy feel practical, accessible and enabling
- Escalate recurring behavioural or process issues to the CISO or relevant business owner
**Privacy Support**
- Assist with maintenance of privacy records, including data processing registers and related documentation
- Track privacy actions, assessments and improvement activities
- Gather information for privacy reviews, data mapping or data protection impact assessments
- Provide practical privacy guidance to internal teams, escalating complex matters where needed
- Assist with record keeping for data subject requests, incidents or privacy enquiries
- Ensure privacy documentation remains organised, accurate and accessible
**Client Assurance and Security Questionnaires**
- Support completion of client security and privacy questionnaires, RFP responses and due diligence requests
- Prepare responses to client security and privacy questions
- Maintain library of approved answers, evidence and supporting materials
- Coordinate with internal subject matter experts to obtain accurate information
- Ensure responses are consistent with AltoVita's current controls, policies and practices
- Translate technical or compliance information into clear, client-friendly language
- Track open client assurance requests and support timely completion
- Escalate complex, high-risk or contractual questions to the CISO, Legal or relevant business owner
**Supplier and Third-Party Support**
- Assist with supplier due diligence questionnaires and evidence collection
- Maintain supplier records, risk ratings and review schedules
- Track supplier security or privacy actions
- Support periodic reviews of key suppliers
- Ensure supplier documentation is complete and up to date
- Escalate potential supplier risks or concerns to the appropriate owner
**Incident and Risk Support**
- Support security, privacy
Apply directly on RemoteJobs.org: https://remotejobs.org/remote-jobs/infosec-analyst-altovita