As a Principal InfoSec and Compliance, you will play a vital role in maintaining and improving our information security and data privacy governance, risk and compliance framework. You will work closely with various teams to ensure compliance with industry standards, particularly ISO 27001 and data privacy, and assess the risks associated with our IT systems and processes.

Responsibilities:

1. Compliance Management: Assist in the development and maintenance of information security and data privacy policies, procedures and standards. Conduct regular compliance assessments and internal audits to ensure adherence to data privacy, ISO 27001 and other relevant regulations. Monitor and report on privacy and security compliance gaps and work with teams to implement corrective actions.

2. Risk Assessment: Conduct risk assessments to identify potential privacy and security threats. Collaborate with IT and business units to develop and implement risk mitigation strategies. Continuously update and maintain the risk register.

3. Documentation and Reporting: Prepare comprehensive reports on the status of compliance and risk management activities. Maintain an accurate inventory of data privacy and information security policies and documentation. Provide clear and concise documentation of findings, assessments and action plans.

4. Training and Awareness: Assist in educating employees and stakeholders on data privacy best practices and the importance of compliance. Stay up to date with industry trends, best practices and emerging threats, and share this knowledge within the organization.

Work Experience:

15-18 years of experience in an InfoSec role with a strong understanding of ISO 27001 and GDPR. Familiarity with other cybersecurity standards and data privacy regulations (e.g. NIST, DPDPA) is a plus. Strong analytical skills and the ability to assess and mitigate security risks. Excellent communication and documentation skills.