IT and Security Compliance SpecialistManager
IT and Security Compliance SpecialistManager
Posted on :
15-10-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Job Overview:
This position is for 712 years experience IT and Security Compliance Specialist ensures that the organization s IT systems and processes adhere to regulatory security and compliance standards. This role involves conducting audits risk assessment managing security policies ensuring adherence to industry regulations (e.g. ISO (at least 3 Information Security related) SOC2 GDPR HIPAA PCIDSS) and working with various departments to maintain a secure and compliant IT environment.
1. Compliance Management:
a. Ensure compliance with applicable security standards frameworks and regulations (e.g. ISO 27001 NIST SOX GDPR HIPAA PCIDSS).
b. Conduct regular internal audits of IT systems applications and processes to identify potential compliance issues.
c. Develop and maintain IT security policies and procedures aligned with industry best practices.
d. Assist in the preparation and submission of compliance reports to regulatory bodies as required.
2. Risk Management:
a. Identify assess and mitigate IT security risks.
b. Work with IT teams to implement risk mitigation strategies.
c. Monitor emerging security risks and implement appropriate controls.
3. Security Awareness and Training:
a. Develop and deliver security awareness training for employees to ensure a strong security culture.
b. Ensure that security policies and procedures are communicated and enforced across the organization.
4. Incident Response and Investigation:
a. Support incident response activities by helping investigate security incidents and breaches.
b. Conduct forensic investigations and recommend actions to prevent future incidents.
5. Vendor and ThirdParty Risk Management:
a. Evaluate thirdparty vendors and contractors to ensure their compliance with organizational security and privacy standards.
b. Manage security agreements and ensure ongoing monitoring of thirdparty security practices.
6. Collaboration:
a. Collaborate with IT Human Resource legal and other relevant departments to ensure compliance with contractual obligations related to IT and data security.
b. Act as a liaison between IT teams and external auditors or regulatory bodies during audits and assessments.
7. Continuous Improvement:
a. Stay updated with the latest compliance regulations security trends and technologies.
b. Propose improvements to the organization s security and compliance posture.
Requirements
Education:
o Bachelor s degree in Information Technology Computer Science Cybersecurity or a related field.
o Having anyone of certifications is preferred (e.g. CISSP CISA CISM CRISC).
Experience:
o Minimum of 7 years of experience in IT security & compliance or a related field.
o Working knowledge of GRC tools and compliance automation tools like Drata Sprinto Vanta is added advantage.
o Strong knowledge of compliance frameworks (e.g. SOC2 GDPR HIPAA ISO 27001 PCIDSS).
Technical Skills:
o Knowledge of security technologies risk management and vulnerability assessment tools.
o Familiarity with cloud security and thirdparty risk management.
o Experience with security audits and compliance assessments.
Soft Skills:
o Strong analytical and problemsolving skills.
o Excellent communication and interpersonal skills.
o Ability to work independently and collaboratively in a team environment.
o Strong attention to detail and ability to handle sensitive information with discretion.
1. Compliance Management: a. Ensure compliance with applicable security standards, frameworks, and regulations (e.g., ISO 27001, NIST, SOX, GDPR, HIPAA, PCI-DSS). b. Conduct regular internal audits of IT systems, applications, and processes to identify potential compliance issues. c. Develop and maintain IT security policies and procedures aligned with industry best practices. d. Assist in the preparation and submission of compliance reports to regulatory bodies as required. 2. Risk Management: a. Identify, assess, and mitigate IT security risks. b. Work with IT teams to implement risk mitigation strategies. c. Monitor emerging security risks and implement appropriate controls. 3. Security Awareness and Training: a. Develop and deliver security awareness training for employees to ensure a strong security culture. b. Ensure that security policies and procedures are communicated and enforced across the organization. 4. Incident Response and Investigation: a. Support incident response activities by helping investigate security incidents and breaches. b. Conduct forensic investigations and recommend actions to prevent future incidents. 5. Vendor and Third-Party Risk Management: a. Evaluate third-party vendors and contractors to ensure their compliance with organizational security and privacy standards. b. Manage security agreements and ensure ongoing monitoring of third-party security practices. 6. Collaboration: a. Collaborate with IT, Human Resource, legal, and other relevant departments to ensure compliance with contractual obligations related to IT and data security. b. Act as a liaison between IT teams and external auditors or regulatory bodies during audits and assessments. 7. Continuous Improvement: a. Stay updated with the latest compliance regulations, security trends, and technologies. b. Propose improvements to the organization s security and compliance posture.
Education
O Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or a related field. o Having anyone of certifications is preferred (e.g., CISSP, CISA, CISM, CRISC). Experience: o Minimum of 7 years of experience in IT security & compliance, or a related field. o Working knowledge of GRC tools and compliance automation tools like Drata, Sprinto, Vanta is added advantage. o Strong knowledge of compliance frameworks (e.g., SOC2, GDPR, HIPAA, ISO 27001, PCI-DSS).
Employment Type
Full Time
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
