Requirements:

• Bachelor’s degree in Computer Science or Information Technology.
• 5-7 years of information security experience.
• Must have experience with ISO 27001 (Must have worked on producing evidence of compliance with the mandatory clauses (4 through 10)), SOC 2, and good to have PCI-DSS compliance management experience.
• STRONG communication skill (verbal and written) is a must – The role requires close cooperation and working with the teams in the US.
• Meet the deadlines; An energetic person with right attitude and to work and deliver under pressure.
• Experience of working in US-based multinational organizations would be a PLUS.
• Security certifications such as CISSP/CISA, ISO27001 are a must.
• Extensive experience with auditing vendors / service providers / partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements.

Duties/Responsibilities:

• Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures, and standards.
• Map regulatory/security requirements across the information security framework to identify overlapping requirements and compliance efficiencies.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

APPLY HERE