Information Security and Compliance Specialist

Job Description

Role Description

This is a remote contract role for an Information Security and Compliance Specialist. The Specialist will be responsible for day-to-day tasks such as advising clients on compliance regulations, assessing risks and vulnerabilities, developing and implementing security policies and procedures, and managing compliance frameworks. The Specialist will also play a key role in coordinating with cross-functional teams to ensure seamless execution of projects and deliverables.

Your Role

  • Support the end-to-end coordination of IT related audits. This includes, but is not limited to, coordination with relevant stakeholders during preparation, fieldwork, formalizing audit reports, and post audit gap closing monitoring.
  • Support continuous gap analysis of new laws/regulations with relevant stakeholders (e.g., Audit, Group Compliance, Integrated Risk Management) and communicate the required changes to achieve ongoing compliance assurance.
  • In-depth experience designing and implementing information security programs, strategies, frameworks, policies, awareness campaigns, and third-party security assessment programs.
  • Facilitate the process for IT compliance by providing guidance, templates, and tools to IT teams to identify, assess, and manage IT compliance risks (e.g., ISO 27001, SOC 2, GDPR, ISO 20000).
  • Align the compliance objectives of the entity with IT policies, standards, and processes, and advise on the required control documentation to meet compliance objectives.
  • Develop and lead security awareness training programs to educate employees on security best practices and emerging threats.
  • Support the global team by maintaining IT compliance policies/guidelines/work instructions.
  • Foster and contribute to global and cross collaboration among IT compliance officers.
  • Provide support for IT compliance team in other locations.

Requirements

Successful candidates will possess the following skills/capabilities:

  • 5 years of experience conducting/responding to internal/external/regulatory audits, designing controls, gap monitoring and closure, and risk mitigation strategies.
  • Strong knowledge of information security principles, frameworks (e.g., ISO 27001, ISO 20000), and regulations (e.g., GDPR, SOC 2).
  • Bachelor’s degree in business administration, information systems, or comparable degree.
  • Professional certifications such as ISO 27001, GDPR, ISO 20000 or ISO 27701 are highly desirable.
  • Excellent communication skills, with ability to process, aggregate and summarize succinctly.
  • Highly structured and organized, with strong analytical and conceptual skills.
  • Strong communication skills to clearly convey messages and explore diverse points of view.
  • Ability to influence others and manage conflict resolution.
  • Strong relationship building skills and team focus.
  • Ability to work under pressure and prioritize appropriately.
  • Readiness to work in the EST/PST time zone when needed.