Job Description

Senior Security and Compliance Specialist:
Job-Description:

• Work on end to end audit and compliance or related team projects and initiatives as and when assigned by meeting the deadlines and extended support as needed. Like PCI, SOC2, privacy shield, APEC CBPR, PIPEDA, HIPAA, ISO, CCPA, GDPR
• Liaise with appropriate internal and external stakeholders
• To keep compliance and audit documentation up to date as needed.
• Assist with drafting and reviewing suitable standard operating procedures, workflow diagrams, and associated compliance documentation to align with corporate security policies, procedures and standard as applicable.
• Monitor and be on top for ongoing organizational compliance and report to Management from time to time. Also, maintain dynamic Compliance Assessment/audit dashboard, trend analysis & reporting.
• Participate and formulate compliance assessment calendar and other dashboards required for executive reporting
• Managing and provide all required support to all adhoc compliance assessment requests
• Perform process gap assessment and provide recommendations to address the gaps and liaise with internal tech control team accordingly and other stakeholder as needed.
• Proactively provide and work on the upcoming external Audit by performing readiness in terms of evidences and other preparatory needed and required.
• Be a strong team player who works as a positive force, very organized and support the InfoSec team and complete all the activities in the timelines defines.
• Would have worked or ready to work on the different privacy assessment by liaising with internal and external stakeholders as required
• Review and update IT system and other attestation-related documentation on an ongoing basis
• Ability to communicate well to up line management and also motivate technical teams.
• Ability and eagerness to quickly learn new technology and drives the audit independently (if required)
• Ability to foresee and help in driving risk assessment across the organization or a small segment if required.
• Ability to make data sheet and run with the multiple audit
• Very strong communication skills – verbal and business writing acumen
• Project Management is a key skill required, to manage multiple projects in parallel.
• Basic understanding of Technical Security in at least 1 of the following streams
  o Network Security
  o System Security
  o Operational Security
  o Application Security, o Risk Assessments, o Exception management

Work Conditions: General office environment; Work location is Bangalore (Hybrid model).
Qualifications:

• BE/B. Tech degree required in Computer Science, Information Technology, Computer Applications or related field
• Total 5+ years of experience and 2-3 years of end to end relevant work experience working with IT audit and compliance-related audit/work.
• Knowledge of end to end control frameworks : PCI, SSAE16 (SOC2), ISO 27001, ISO 22301, NIST, COBIT, HIPAA,
• Risk Management Principles
• Familiarized with the privacy certification(Privacy shield, GDPR, CCPA, APEC CBPR, Australian privacy laws
• ITIL or audit-related certification (e.g. CISA, CISSP, CGEIT, CRISC, ISO 27002) preferred
• Ability to work hours which overlap with US Pacific Standard Time zone
• Eagerness to contribute in a team-oriented environment
• Excellent interpersonal, oral and written communication skills
• Strong customer service orientation with positive attitude and proactive in taking up the responsibilities
• Self-motivated and directed, with strong attention to detail
• Able to prioritize and execute tasks in a high-pressure environment

Reporting: Reporting to Manager, Compliance and Privacy audit and reporting team
Does your profile matches to above Job description and looks exciting? Then look no further and share your resume to Arshad.s@247.ai