Information Security Specialist (AI)

TL;DR

Senior Information Security Specialist (AI): Shaping and scaling governance, risk, and compliance programs for an AI-native legal tech platform with an accent on ISO 27001, SOC 2 Type II, and ISO 42001 compliance. Focus on managing the ISMS, conducting risk assessments, coordinating audits, and ensuring security in modern AI workflows.

Location: This role is based either in Stockholm, Sweden or NYC, US, with a 5-day in-office policy for both locations.

Company

hirify.global is an AI-native legal tech company redefining legal work by empowering professionals with intelligent workflows and advanced data analysis.

What you will do

• Own and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 and ISO 42001.
• Lead compliance efforts for SOC 2 Type II and support SOX ITGC readiness, collaborating with Finance and Engineering.
• Develop, implement, and maintain lightweight information security policies aligned with GDPR, ISO 27001, SOC 2, and ISO 42001.
• Conduct risk assessments, threat modeling, and gap analyses to identify and prioritize security risks.
• Coordinate internal and external audits, penetration tests, and manage remediation plans.
• Manage vendor risk, support client security questionnaires, and define policies for secure AI governance.

Requirements

• 3+ years of experience in GRC, information security, compliance, or audit roles in a technology/SaaS environment, or as an experienced software engineer transitioning into Information Security.
• Hands-on experience implementing and managing ISO 27001 and SOC 2 Type II, NIST 800-53 compliant programs.
• Knowledge of governance frameworks (ERM), risk management, and data protection regulations (GDPR, CCPA, ISO 42001, SOX ITGC).
• Understanding of Zero Trust principles and OWASP top 10 risks.
• Ability to confidently engage with technical teams on cloud security (Azure), infrastructure-as-code, secure development, and AI system security.
• Excellent communication and stakeholder management skills to translate security requirements.

Nice to have

• Experience with securing AI/ML workflows and building automation with GenAI tools.

Culture & Benefits

• Join a team focused on building from first principles and accelerating change in legal tech.
• Work with a company that values diversity of thought and experience.
• Commitment to an inclusive, high-performance culture.
• Opportunity to empower lawyers with technology.
• Focus on rapid shipping, effective iteration, and fast scaling.