Compliance Associate

Job Description

Key Responsibilities: 1. Risk Assessment and Management • Assist in gathering information and preparing inputs for risk assessments across organizational and technical domains. • Help maintain and update risk registers, mapping identified risks to relevant ISO 27001 controls. 2. Compliance Implementation • Support the implementation of compliance frameworks like ISO 27001, ISO 27701, and GDPR across client environments. • Assist in reviewing access control, antivirus configurations, logging settings, and other control areas under guidance. 3. Cloud and Platform Compliance • Help collect evidence and perform basic checks related to AWS cloud compliance and security posture. • Work with internal teams to ensure cloud environments align with compliance standards and best practices. 4. Auditing and Monitoring • Assist in preparing for internal and external audits, including organizing documents and gathering evidence. • Help track audit findings and follow up on corrective and preventive actions (CAPAs). 5. Documentation and Reporting • Contribute to the creation and maintenance of compliance documents such as policies, procedures, SoA, and data flow diagrams. • Use tools like Confluence and Microsoft Word to develop clear, structured, and audit-ready documentation. 6. Collaboration and Learning • Work with IT, HR, and other departments to gather information for compliance activities. • Participate in training sessions to build understanding of security controls, regulatory requirements, and audit processes. Key Requirements : Technical Skills • Basic understanding of compliance frameworks such as ISO 27001, ISO 27701, and GDPR (via coursework, self-learning, or certifications) • Familiarity with common ISO 27001 control areas, including: Access control reviews Antivirus and endpoint protection checks Log monitoring and review practices • Awareness of cloud compliance principles • Ability to assist in creating and maintaining documentation such as policies, risk registers. • Comfortable using Microsoft Word, Excel, and documentation platforms like Confluence. Soft Skills • High attention to detail and commitment to delivering accurate, audit-ready documentation • Strong analytical thinking and basic problem-solving ability in structured tasks • Excellent written and verbal communication skills, especially for documentation and stakeholder coordination • Ability to collaborate effectively with cross-functional teams (e.g., IT, HR, Legal) • Strong organizational skills and the ability to follow processes and meet deadlines • Proficiency in English (written and spoken) • Eagerness to learn and grow in the fields of compliance, risk, and privacy