Job Description:
• Perform regular audits of key PCI, SOC2, and ISO27001 compliance controls, including but not limited to user access termination, vulnerability management, and verification of security configurations across technology platforms.
• Proactively communicate and escalate identified control deficiencies to Management for remediation in advance of external audits.
• Develop and maintain documentation specific to compliance activities within Managed Services, including policies, procedures, and audit reports.
• Generate regular reports on compliance status, audit findings, risk management activities, and KPI performance within the Managed Services context for management and stakeholders.
• Ensure all documentation adheres to regulatory requirements and organizational standards within the Managed Services realm.
• Assist in the preparation for and execution of compliance audits for SOC2, ISO27001, PCI DSS, and other relevant standards within the Managed Services domain.
• Collaborate closely with external auditors, providing documentation, evidence, and assistance throughout the audit process.
• Work alongside internal teams to address audit findings and implement corrective actions in alignment with Managed Services requirements.
Requirements:
• Bachelor's degree in computer science, information security, or related field, or equivalent work experience.
• 5 years’ experience in information security, GRC, or related roles, with a focus on program maturity and optimization
• Strong analytical, critical thinking, and problem-solving skills
• Strong knowledge of multiple regulatory requirements and compliance frameworks (NIST, ISO, SOX, SOC, PCI, GDPR, etc.)
• Excellent understanding of information security principles, risk assessment methodologies, and security controls
• Experience with GRC tools and platforms is preferred
Benefits:
• Annual bonus target of 10% subject to terms and conditions of plan
Apply Now
Apply Now