Job Description

We are looking for a Senior Manager, Audits & Compliance to coordinate and oversee the internal as well as external audit activities. In this role, you will be primarily responsible for collaborating with internal stakeholders and external auditors to complete information security and compliance audits across various departments. You will work closely with the IT Security team to ensure that processes and controls align with regulations and industry standards, including the PCI, HIPAA, SOC 2, and others. This position will be required to regularly collaborate across various business units to develop policies, procedures, and training related to regulatory compliance.


Responsibilities
Qualifications/Criteria's

External Audit Interface -

Lead the company's security and compliance audits, including PCI, SOC 2, GLBA and HIPAA audits. Plans, leads, and executes audit engagements with third-party auditors with a high quality of professionalism; Conduct interactions with third party auditors that exhibits control understanding and confidence; Ability to work with auditors based out of the US and/or India;

Adhere to global standards -

Stay up to date with global information security and data privacy regulatory requirements that affect the company's products, services, and operations. Evaluates applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures; Designs, develops and publishes internal program frameworks, checklists, and procedures using creative publishing and editing software tools;

Communication and Leadership -

Effectively communicate audit status to executive leadership; Leads a team of security, audit and/or compliance analysts and mentor them; Coordinates and facilitates audit preparation and "in audit" activities; Communicates within the team autonomously and drives the communications across partner teams; Drives clearly defined intra-team issues to resolution; Drives project scheduling, tracking, and communications independently;

Conduct Internal Risk Assessment -

Evaluate the effectiveness of the internal controls, business processes, and corresponding evidence, in alignment with industry and regulatory requirements and expectations; Conduct business process reviews to both assess the efficiency and effectiveness of operations as well as evaluate the design and operating effectiveness of internal controls; Reports risks of internal control deficiencies and provides recommendations for improving the organization's operations; Evaluates information security and associated risk exposures;

Data and Tools Management -

Manage and maintain the company's compliance audit data, including submissions to previous audits, responding to data access requests from internal/ external auditors, documenting incident reports, and maintaining a current overview of security controls. Create and maintain data maps and data flow documentation across various audits and departments. Develop audit programs, frameworks and tools to support and scale processes, create working papers and reports;

Training -

Provide training to staff members on information security/data privacy best practices and regulatory compliance. Recommend organization-wide training based on gaps identified to ensure adherence to company practices and policies.

*Should have scored 70% & above throughout academics
A Minimum of a Bachelor's degree in Computer Science or related software engineering discipline, or equivalent A Postgraduate degree or equivalent qualification or a recognized qualification in management Knowledge of information security standards and privacy laws, including SOC 2. Experience leading SOC 2 audits for a software or technology services company 12+ years of experience with security or compliance audits Strong interpersonal skills and the ability to communicate effectively with others at all levels of the organization The ability to work independently and manage complex projects across US and India time zones Strong time management and organizational skills * Excellent written and oral communication ability