Compliance Engineer

Job Description

The Role: A Compliance Engineer will contribute to the Plan, complete, report, and manage, program, follow-up, and ad-hoc internal audits for all areas of the business making recommendations and suggestions to staff, process owners, and the board of directors wherever applicable. Create, define and improvise processes and procedures as per industry standards and audit requirement Roles and Responsibilities: Develop, implement and maintain internal audit policies and procedures in accordance with local regulations, legal requirements, PCI DSS and ISO 27001, and any other standard that the company opts to follow. Assist compliance manager to administer all processes and procedures and ensure working within the regulatory framework and develop and implement all policies and recommend ways to minimize risk. Keep current with legal and regulatory information relative to business operations Audit and monitor data, systems, and processes for compliance to policies and laws Contribute to planning and executing information security awareness programs Prepare for and participate in process-led internal, and external vendor audits, at planned intervals and to provide suitable reporting on whether the management systems conform to Legal and regulatory requirements Our own quality and information security management system requirements. The requirements of PCI-DSS Level 1, ISO 27001:2013 and GDPR: Follow up constantly with internal stakeholders in gathering required evidence and organize them in a folder structure at the defined location Identify if the management systems are effectively implemented and maintained Plan and complete ad-hoc audits as required (Vendor Audits). Produce reports for all audits undertaken identifying: Audit criteria and scope Deficiencies and non-conformities Corrective action required (after agreement with process owner) Those responsible Achievable target dates for follow-up audits Update and record the standard specific clauses and controls covered, post audit Monitor progress on corrective actions to ensure they are concluded without undue delay Assist in the preparation of new documented information as well as updates to current ones. Comply with legal and regulatory, contractual and business requirements Mandatory Qualifications: ISO 27001:2013 Internal Auditor (Good to have) Good understanding of the International Standards Basic technical understanding of information security concepts 3-5 years of experience in compliance-related activities Good interpersonal skills Familiar with industry standards such as ITIL, PCI DSS, ISO 27001 Self-starter and willing to roll up the sleeves and work with the team