Security & Compliance Specialist

As a Security & Compliance Specialist, you will be responsible for overseeing the development, evaluation, and implementation of governance, risk, and compliance in the Information Security department. Your key responsibilities will include: - Providing operational and conformance checking of implemented information security, undertaking specific audit tasks, and ensuring audit lifecycle compliance. - Undertaking regular conformance checking tasks to ensure compliance meets acceptable security levels in various audits. - Managing critical tasks and requests from security projects to ensure successful project delivery and resource management. - Working with Technology, Business, and Third Party vendors/partners to manage inter-dependencies and work-streams across multiple projects for on-time project delivery. - Providing consulting services for Technology & Business teams for Audit Security process and implementation of controls. - Defining Security assessment scope, requirements, timelines, and goals. - Proactively reviewing gaps found in audits related to systems and access controls on risks like Cyber Threats, Data Security, and compliance, and communicating for timely mitigation actions. - Supporting in managing internal and external InfoSec audits, status of Security assessment, Report Observations, and remediation within agreed timelines. - Liaising with business stakeholders to ensure all desired requirements are delivered. - Delivering Security Assessments projects on time with root-cause analysis, clear action plans, and obtaining sign-off from relevant parties. Preferred Skills: - Ensuring compliance with local, federal, and international regulatory and legal requirements. - Staying updated on major privacy and data protection laws. - Experience in handling various Security Assessments and regulatory requirements including PCI-DSS, ISO27001, GDPR, CCPA, SOC2, and privacy shield. - Practical understanding of security standards, processes, and risk frameworks. - Knowledge of current industry best practices, standards, and security technologies. - Strong time management, communication, prioritization skills, and ability to work with both Technical and Non-Technical business owners. - Driving integration with Compliance teams, conducting deep dives into specific areas of focus, and reviewing process flows for potential risks. - Contributing to Group ISMS content development and maintaining maturity. - Acting as the interface between custom authorities and colleagues/partners on customs audits. Required Qualifications: - Bachelor/Master of Science degree in Computer Science, Engineering, Telecommunications, or management. - 6/6+ years of experience in audits and compliance management. - Knowledge of certifications and frameworks like NIST, HIPAA, ISO 27K, PCI-DSS, and SOC2. - Excellent planning, multi-tasking, organization, problem-solving, and communication skills. - Holding certifications like ISO9001, ISO 27001, and Green belt would be an added advantage.,