Cybersecurity Compliance Expert - China CSL

Job Description

Job Description: Cybersecurity Compliance Expert Position Overview The Cybersecurity Compliance Expert is responsible for supporting the implementation of controls across various regulatory compliance requirements, managing exceptions to cyber policies, monitoring key performance indicators (KPIs) and key risk indicators (KRIs) for cybersecurity, and supporting internal and external audits. This role is critical in ensuring the organization's cybersecurity posture aligns with regulatory standards and best practices. Key Responsibilities 1. Implementation of Controls Support the implementation of controls to meet various regulatory compliance requirements such as NIS-2, China Cybersecurity Law (CSL), and other relevant regulations. Collaborate with cross-functional teams to ensure compliance controls are effectively integrated into business processes. 2. Policy Exception Management Manage exceptions to cybersecurity policies, ensuring that deviations are documented, justified, and approved according to organizational procedures. Conduct regular reviews of policy exceptions to assess risk and recommend mitigation strategies. 3. Monitoring and Reporting Monitor cybersecurity KPIs and KRIs to track the effectiveness of security measures and identify areas for improvement. Prepare and present regular reports on cybersecurity metrics to senior management and stakeholders. 4. Audit Support Provide support for internal and external audits related to cybersecurity compliance. Coordinate with auditors to provide necessary documentation and evidence of compliance. Assist in the remediation of audit findings and implementation of corrective actions. Qualifications Education: Bachelor's degree in Information Security, Computer Science, or a related field. Experience: Minimum of 5 years of experience in cybersecurity compliance, risk management, or a related area. Certifications: Relevant certifications such as CISSP, CISM, or CISA are preferred. Skills: Strong understanding of regulatory compliance requirements (e.g., NIS-2, China CSL). Excellent analytical and problem-solving skills. Ability to manage multiple tasks and projects simultaneously. Effective communication and interpersonal skills. Proficiency in using cybersecurity tools and technologies. Interested candidates can share their updated resume to rolly.martin@thompsonshr.com