Information Security Compliance Administrator

Role & responsibilities :

Policy & Standards Management

•  Develop, maintain, and update security policies and procedures aligned with SOC 2, ISO 27001, and other relevant frameworks.
• Ensure documentation reflects current regulatory requirements and internal practices.

Compliance Auditing & Control Monitoring

• Conduct internal audits to assess compliance with security policies and standards.
• Collaborate with internal stakeholders and external auditors during assessments and certification processes.
• Track and report on remediation efforts for audit findings.
• Apply industry leading practices to identify risks and opportunities of improvement.

Technical Platform Administration

• Manage compliance-related platforms (e.g., GRC tools, policy management systems).
• Support automation of compliance workflows and reporting.

Security Awareness & Training

• Design and maintain a security awareness training program tailored to different roles and geographies.
• Track participation and effectiveness of training initiatives.
• Coordinate phishing simulations and other awareness campaigns.

Trust Package Development

• Build and maintain a trust package that includes up-to-date security documentation, certifications, audit reports, and FAQs.
• Ensure materials are accurate, accessible, and aligned with customer and auditor expectations.
• Work with the legal, sales, and corporate services teams to assist in trust and transparency initiatives.

Cross-Functional Collaboration

• Work with ETS, Legal, HR, and other departments to ensure security controls are implemented and understood.
• Provide guidance and training on compliance requirements and best practices.

Preferred candidate profile

• Bachelors degree in Information Security, Computer Science, or a related field.
• 5 years of experience in information security compliance or audit.
• Strong knowledge of SOC 2, ISO 27001, and other regulatory frameworks (e.g., NIST, HIPAA, GDPR).
• Experience with compliance platforms (e.g., Drata, Vanta, OneTrust, ZenGRC).
• Experience designing or managing security awareness programs.
• Experience developing trust packages or customer-facing security documentation is a plus.
• Excellent written and verbal communication skills.
• Certifications such as CISA, CISSP, or ISO 27001 Lead Implementer/Auditor are preferred and may be required depending on project needs.

Kindly requesting candidates to apply using the below link:

https://hire.lever.co/candidates?postingIds%5B%5D=7614aca9-8527-4a85-af15-c521beb12d24&view=all