Compliance Manager

Information Security Compliance Manager

Location:

Experience:

Work Mode:

About The Role

What You’ll Do

Compliance Leadership & Program Management

• Lead and manage the organization’s information security and privacy compliance programs, including data protection, regulatory risk management, and compliance testing.
• Own remediation efforts, providing clear guidance and tracking to ensure timely closure of compliance gaps.
• Continuously assess and improve existing compliance policies, controls, and processes.
  

Compliance Reporting & Risk Assessments

• Plan, coordinate, and execute internal compliance reviews and risk assessments aligned with ISO 27001, ISO 27701, PCI-DSS, and other relevant frameworks.
• Develop and maintain framework and tools that enable effective measurement of compliance maturity.
• Conduct security risk assessments and compliance checks across IT systems and business processes.
  

Governance & Reporting

• Collect, analyze, and deliver detailed compliance reports to senior management and relevant stakeholders.
• Investigate and document compliance issues, security incidents, and audit findings.
• Facilitate cross-functional communication to ensure compliance risks are understood and mitigated.
  

Training & Awareness

• Design and deliver information security and privacy training sessions for new employees and ongoing awareness campaigns for existing staff.
• Develop materials that clearly articulate compliance requirements and promote a culture of security.
  

Operational Controls & Reviews

• Conduct periodic reviews of critical systems including Active Directory, HRMS, privileged access, firewall rules, and patch management controls.
• Collaborate with IT and business teams to ensure compliance-related controls are implemented and effective.
  

Org Certifications & Audits

• Collaborate with external auditors and stakeholders to maintain org certifications and facilitate external audits
  

What We’re Looking For

Qualifications & Experience:

• Graduate with 5 to 7 years in information security compliance, governance, risk management, or related roles.
• Hands-on experience with compliance standards and frameworks including ISO 27001, ISO 27701, PCI-DSS, and data privacy regulations.
• Proven track record of managing audit processes, compliance testing, and remediation programs.
• Experience collaborating across technical and business functions to embed compliance in organizational culture.
  

Technical & Professional Skills

• Strong knowledge of security frameworks and best practices (NIST, ISO, PCI-DSS, GDPR, etc.).
• Ability to interpret and apply regulatory requirements and industry standards.
• Excellent communication skills to present complex compliance topics clearly to diverse audiences.
• Strong project management skills with the ability to prioritize and drive multiple initiatives.
• Demonstrated leadership and negotiation skills to influence stakeholders and build consensus.
  

Preferred Certifications

• ISO 27001 Lead Auditor or Lead Implementer
• ISO 27701 Lead Auditor or Lead Implementer
• Certified Information Security Auditor (CISA)
• Certified Information Security Manager (CISM)
• CompTIA Security+
  

Nice To Have

• Knowledge of ITIL processes, PCI-DSS specifics, and Personal Data Protection regulations.
• Familiarity with cloud security compliance (AWS, Azure, GCP).
• Experience with governance, risk, and compliance (GRC) tools and exposure to using AI.
  

Visit our tech blogs to learn more about some the challenges we deal with: