Lead - Security & Compliance

We are seeking a Lead - Security and Compliance to be part of our Shared Services team, through our journey of transformation as we transition to a SaaS-first organization. This role will be responsible for designing, implementing, and maintaining the security posture, enabling the organization to meet audit and compliance requirements for various standards (NIST, ISO 27001, SOC2, HIPAA). This role would play a bridge between cybersecurity, risk management, governance and compliance, by leading security initiates, develop and implement policies and work with stakeholders to build and maintain a robust security posture. 

Role and Responsibilities:

● Security Governance & Leadership:

• Define and enforce the organization’s information security policies, standards, and procedures.
• Lead security awareness and training programs for employees.
• Establish governance frameworks based on ISO 27001, NIST, HIPAA, SOC2.
• Be the POC for internal and external security audits alongside CISO.

● Compliance Management:

• Ensure compliance with regulatory requirements such as HIPAA, SOC2.
• Coordinate and manage external audits, certifications, and regulatory assessments (along with CISO).
• Maintain and update compliance documentation, including risk registers and audit reports.
• Work with the customer operations team to interpret and implement compliance requirements.

● Risk Management:

• Identify, assess, and manage security risks across IT systems and business processes.
• Conduct regular risk assessments, vulnerability assessments, and penetration tests.
• Develop risk mitigation strategies and track remediation efforts.
• Report risks, incidents, and compliance status to senior leadership. 

Qualifications

• Bachelor's degree in Computer Science, or a related field.
• 10+ years of experience working in Security and Compliance.
• One or two of the Certifications: CISSP, CISM, CISA, CCSP, HIPAA
• Strong knowledge of information security frameworks (ISO 27001, NIST, SOC2).
• Deep understanding of compliance regulations (especially HIPAA).
• Solid background in risk assessment, incident response, and security auditing.
• Strong leadership and stakeholder management skills.
• Excellent communication and reporting abilities (executive-level presentations).
• Collaborative mindset with strong communication skills. 

Job Location : Guindy , Chennai

Work from office - 5 days

Preferred candidates from chennai location

Kindly send your resume to vinothkumarm@coresolutionsinc.com

Regards

Vinoth Kumar M