Lead, Information Security Compliance & Audit
Full Job Description
We need a meticulous Information Security Compliance Lead. Is it you?
The Information Security Compliance Lead is in charge of implementing the Company’s security strategy. The role involves knowledge of compliance frameworks as well as evaluating internal and external partners against the Company’s control system. He/she reports to the VP of InfoSecurity.
- Technical with three years of expertise in security, compliance, or risk management.
- The function fulfils the company’ security duties specified by standards and legislation such as HIPAA, PCI DSS, and other healthcare sector frameworks.
- The Information Security Risk and Compliance analyst regularly examines and confirms the security program’s assurance.
- The Information Security Risk and Compliance Lead oversees progress and enforces remediation of unresolved problems that may lead to non-compliance or unacceptable business risks.
- The Information Security Risk and Compliance Lead must concentrate on comprehensive risk management and not just compliance.
- Other tasks as given.
- Managing compliance and security documentation and proof.
- Knowledge of NIST and SOC-2 security standards.
- Preferably familiarity with IT security rules and/or standards such as HiTrust and HIPAA.
- Extensive experience doing security control evaluations or audits
- Experience with SOC-2, ISO, and HiTrust audits is a plus.
- Strong oral and written communication skills.
- Maintain security and RFP documentation.
- Needs to be analytical and critical-thinking.
- High-level of attention to detail and be a self-starter with ability to work independently, multi-task and adjust to shifting priorities.
Qualification and Experience
- Degree in Engineering, with some experience in IT Infra (System/Cloud engineer) along with IT audit and compliance experience.
Be who you are at work
It is our goal to be the catalyst for change that inspires us to take action in the workplace. Work should be a place where your true self can be fully expressed. We’re working hard on making that happen for you.
If you are interested in this opportunity, send an email to firstname.lastname@example.org.