We are seeking a highly skilled and knowledgeable Compliance Specialist to ensure that our company adheres to multiple compliance standards across different industries. The ideal candidate will be responsible for monitoring regulatory developments, ensuring compliance with the applicable frameworks, and implementing the changes needed to maintain full legal and regulatory compliance.
Key Responsibilities:
Compliance Management: Ensure adherence to multiple compliance standards, including but not limited to ISO 27001, SOC 2, SOX, GDPR, HIPAA, PCI DSS and other relevant frameworks.
Customer Security Questionnaires: Collaborate with cross-functional teams to complete security questionnaires requested by customers. Provide accurate and detailed responses that demonstrate the Company's commitment to security.
Vulnerability Management: Oversee vulnerability assessment activities, including regular vulnerability scans and penetration tests, to identify weaknesses in the Company's systems and infrastructure.
Remediation Management: Work closely with the IT, development and security teams to ensure timely remediation of identified vulnerabilities, tracking progress and verifying that each finding has been resolved satisfactorily.
Security Awareness: Promote a culture of security awareness across the organization, educating team members on security policies and best practices.
Auditing & Reporting: Conduct regular internal audits, prepare for external audits, and ensure timely submission of compliance reports to governing bodies.
Policy Development: Develop, implement and maintain company-wide policies and procedures that align with the applicable compliance standards.
Risk Management: Identify potential risks related to compliance breaches and recommend corrective actions.
Training & Awareness: Educate and train employees on compliance standards, company policies and industry best practices.
Stakeholder Collaboration: Work closely with internal teams, including IT, Legal and Operations, to ensure all departments comply with applicable regulations.
Continuous Improvement: Stay up to date with changing regulations and industry trends in order to recommend updates to current processes and compliance frameworks.
Incident Response: Assist in developing incident response plans and ensure effective handling of any compliance violations or data breaches.
Requirements
- Bachelor's degree in Law, Information Security, Business Administration or a related field.
- Over 5 years of experience in compliance, risk management or a related field.
- Certifications: Relevant certifications such as CISA, CISSP, CISM or ISO/IEC Lead Auditor are highly preferred.
- In-depth knowledge of compliance frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, PCI DSS, NIST or others.
- Experience conducting audits and implementing compliance controls.
- Strong analytical and problem-solving skills, with the ability to handle multiple compliance regulations simultaneously.
- Excellent communication skills, with the ability to explain complex compliance concepts to non-technical stakeholders.
- Strong organizational skills and attention to detail.