Outscal Logooutscal logo

IT and Security Compliance Specialist/Manager

5 Months ago • 7-12 Years • Cyber Security

Job Summary

Job Description

This role requires 7-12 years of experience in IT security & compliance. You'll ensure adherence to industry regulations like ISO 27001, SOC2, GDPR, HIPAA, and PCI-DSS. Strong knowledge of compliance frameworks and risk management are essential.
Must have:
  • IT Security & Compliance
  • Compliance Frameworks
  • Risk Management
  • Security Audits
Good to have:
  • GRC Tools
  • Compliance Automation
  • Cloud Security
  • Third-Party Risk
Perks:
  • Best in Industry
  • Full-Time

Job Details

Job Overview:

This position is for 7-12 years' experience IT and Security Compliance Specialist ensures that the organization’s IT systems and processes adhere to regulatory, security, and compliance standards. This role involves conducting audits, risk assessment, managing security policies, ensuring adherence to industry regulations (e.g., ISO (at least 3 Information Security related), SOC2, GDPR, HIPAA, PCI-DSS), and working with various departments to maintain a secure and compliant IT environment.

1. Compliance Management:
a. Ensure compliance with applicable security standards, frameworks, and regulations (e.g., ISO 27001, NIST, SOX, GDPR, HIPAA, PCI-DSS).
b. Conduct regular internal audits of IT systems, applications, and processes to identify potential compliance issues.
c. Develop and maintain IT security policies and procedures aligned with industry best practices.
d. Assist in the preparation and submission of compliance reports to regulatory bodies as required.

2. Risk Management:
a. Identify, assess, and mitigate IT security risks.
b. Work with IT teams to implement risk mitigation strategies.
c. Monitor emerging security risks and implement appropriate controls.

3. Security Awareness and Training:
a. Develop and deliver security awareness training for employees to ensure a strong security culture.
b. Ensure that security policies and procedures are communicated and enforced across the organization.

4. Incident Response and Investigation:
a. Support incident response activities by helping investigate security incidents and breaches.
b. Conduct forensic investigations and recommend actions to prevent future incidents.

5. Vendor and Third-Party Risk Management:
a. Evaluate third-party vendors and contractors to ensure their compliance with organizational security and privacy standards.
b. Manage security agreements and ensure ongoing monitoring of third-party security practices.

6. Collaboration:
a. Collaborate with IT, Human Resource, legal, and other relevant departments to ensure compliance with contractual obligations related to IT and data security.
b. Act as a liaison between IT teams and external auditors or regulatory bodies during audits and assessments.

7. Continuous Improvement:
a. Stay updated with the latest compliance regulations, security trends, and technologies.
b. Propose improvements to the organization’s security and compliance posture.

Requirements

• Education:
o Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
o Having anyone of certifications is preferred (e.g., CISSP, CISA, CISM, CRISC).

• Experience:
o Minimum of 7 years of experience in IT security & compliance, or a related field.
o Working knowledge of GRC tools and compliance automation tools like Drata, Sprinto, Vanta is added advantage.
o Strong knowledge of compliance frameworks (e.g., SOC2, GDPR, HIPAA, ISO 27001, PCI-DSS).

• Technical Skills:
o Knowledge of security technologies, risk management, and vulnerability assessment tools.
o Familiarity with cloud security and third-party risk management.
o Experience with security audits and compliance assessments.

• Soft Skills:
o Strong analytical and problem-solving skills.
o Excellent communication and interpersonal skills.
o Ability to work independently and collaboratively in a team environment.
o Strong attention to detail and ability to handle sensitive information with discretion.

Similar Jobs

Topsoe - Senior Software Engineer

Topsoe

New Delhi, Delhi, India (On-Site)
4 Months ago
Barracuda Networks  Inc  - Senior Security Engineer

Barracuda Networks Inc

Bengaluru, Karnataka, India (On-Site)
4 Months ago
Axinous - Senior Payroll Specialist

Axinous

San Jose, California, United States (Hybrid)
3 Months ago
Axinous - Account Executive- Enterprise

Axinous

Tamil Nadu, India (Remote)
3 Months ago
Krafton  - [Infra Div.] Cloud Security Engineer (5년 이상)

Krafton

Seoul, South Korea (On-Site)
4 Months ago
PwC - Risk Services - Communication and Marketing Specialist

PwC

Singapore (On-Site)
5 Months ago
ION - IT/Cyber Security Analyst

ION

London, England, United Kingdom (On-Site)
4 Months ago
Palo Alto Networks - Domain Consultant Network Security Transformation

Palo Alto Networks

Stuttgart, Baden-Württemberg, Germany (On_site)
3 Months ago
Sonar Source - Security Engineer

Sonar Source

Austin, Texas, United States (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Axinous - Deputy Manager- Finance Transformation

Axinous

Bengaluru, Karnataka, India (Hybrid)
3 Months ago
Palo Alto Networks - Prisma Cloud Solution Architect

Palo Alto Networks

Baton Rouge, Louisiana, United States (Remote)
3 Months ago
Arrow Electronics - Architect - SecOps

Arrow Electronics

Karnataka, India (On-Site)
4 Months ago
Axinous - Regional Director, Commercial - Heartlands

Axinous

Wisconsin, United States (Remote)
3 Months ago
Supercell - Senior Server Engineer

Supercell

Helsinki, Uusimaa, Finland (On-Site)
4 Months ago
Axinous - Senior Manager, International Tax

Axinous

Sahibzada Ajit Singh Nagar, Punjab, India (On-Site)
4 Months ago
Axinous - Principal SWE - ZTW Cloud Connector (Federal)

Axinous

San Jose, California, United States (Hybrid)
4 Months ago
ION - Senior Security Architect

ION

Italy (On-Site)
4 Months ago
Mouser Electronics - Senior Cloud Engineer

Mouser Electronics

Pune, Maharashtra, India (On-Site)
4 Months ago
HRS Group - Security Compliance Engineer (all genders)

HRS Group

Sahibzada Ajit Singh Nagar, Punjab, India (Hybrid)
4 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Hyderabad, Telangana, India

Gamemano - Product Manager

Gamemano

Noida, Uttar Pradesh, India (On-Site)
6 Months ago
Warner Bros Discovery - Senior Software Engineer - Backend Development ( QoE Platform Team), Bangalore

Warner Bros Discovery

Bengaluru, Karnataka, India (On-Site)
3 Months ago
Hitachi - Azure Infra Consultant

Hitachi

Pune, Maharashtra, India (Remote)
4 Months ago
Visa - Lead SW Engineer

Visa

Bengaluru, Karnataka, India (On-Site)
4 Months ago
PwC - IN_Senior Associate_SAP FICO_Enterprise APP SAP- Advisory _ Mumbai

PwC

Mumbai, Maharashtra, India (On-Site)
4 Months ago
GLG - Coordinator, Talent Acquisition (Scheduling, Coordinating)

GLG

Gurugram, Haryana, India (Hybrid)
5 Months ago
PhonePe - Software Engineer - Test (4-6yrs) - (Pune)

PhonePe

Pune, Maharashtra, India (On-Site)
3 Months ago
Easyship - Senior Frontend Engineer

Easyship

Bengaluru, Karnataka, India (On-Site)
4 Months ago
Aristocrat Gaming - Sr Technical Artist II

Aristocrat Gaming

Gurugram, Haryana, India (Hybrid)
4 Months ago
DAZN - Senior Software Architect

DAZN

Hyderabad, Telangana, India (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Palo Alto Networks - Prisma Cloud Solutions Architect - Healthcare

Palo Alto Networks

Albuquerque, New Mexico, United States (Remote)
3 Months ago
ION - Pen Tester, Italy

ION

Italy (Hybrid)
4 Months ago
PwC - Asistente de Auditoría de Sistemas

PwC

Panama City Beach, Florida, United States (On-Site)
5 Months ago
PwC - Oracle EPM - Senior Associate

PwC

Mumbai, Maharashtra, India (On-Site)
4 Months ago
PwC - IN-Senior Associate_ITGC _Strategy and Governance_ Advisory_Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
5 Months ago
Axinous - Android Software Engineer (Networking)

Axinous

San Jose, California, United States (Hybrid)
4 Months ago
PwC - L3 SIEM (Security Information and Event Management) SME

PwC

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
5 Months ago
PwC - Cyber Incident & Crisis Management | Manager | Cyber Security | Technology Consulting

PwC

Dublin, County Dublin, Ireland (On-Site)
5 Months ago
PwC - Forensic Manager

PwC

Toronto, Ontario, Canada (On-Site)
5 Months ago
Google - Cloud Technical Solutions Engineer, Security

Google

Bengaluru, Karnataka, India (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded