Job Description

Locations

• Bengaluru, India

Salary

Skills Required

• SOC 2intermediate
• ISO 27001/27018intermediate
• HIPAAintermediate
• PCIintermediate
• C5intermediate
• GDPRintermediate
• NIST 800-53intermediate
• Jiraintermediate
• Confluenceintermediate
• CISMintermediate
• CISAintermediate
• CISSPintermediate
• ISO 27001 Lead Auditorintermediate
• Technology Risk Managementintermediate
• Complianceintermediate
• Information Securityintermediate
• Control and risk frameworksintermediate
• Compliance and risk assessmentsintermediate
• Mitigation projectsintermediate
• Translating compliance requirementsintermediate
• Scope determinationintermediate
• Timeline creationintermediate
• Complex project trackingintermediate
• Risk managementintermediate
• Process improvementintermediate
• Teamworkintermediate
• Collaborationintermediate
• Commitmentintermediate

Required Qualifications

• Minimum 8+ years of experience in a similar role with exposure in IT audit, compliance, or a related field (experience)
• Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements (experience)
• Familiarity with compliance frameworks and standards such as NIST 800-53 (experience)
• Experience with the software development business for cloud service providers (experience)
• Experience with Technology Risk Management, Compliance and Information Security (experience)
• Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects (experience)
• Experience with translating compliance requirements to engineering and product teams (experience)
• Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement (experience)

Preferred Qualifications

• Familiarity with Jira and Confluence (experience)
• Relevant certifications such as CISM, CISA, CISSP, or ISO 27001 Lead Auditor (experience)

Responsibilities

• Design and implement controls and mitigation plans, and lead aspects of their implementation
• Facilitate reporting on findings, mitigation plans, and controls performance
• Work with senior management to create their compliance strategy and improve their controls portfolio
• Identify areas of improvement in facilitating audits with customers to refine the process and respond to customer inquiries promptly
• Formalise and lead improvements of GRC function operations - processes, metrics, reporting, and analytics
• Provide regular status updates ensuring everyone is aware of progress and road-blockers
• Work with product and functional teams to understand and respond to their compliance and assurance needs and concerns
• Manage compliance related programs including the performance of gap assessments for new compliance frameworks
• Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation
• Seek opportunities to improve processes and collaboration to increase team output and team health
• Perform regular risk assessments for your business function
• Prepare annual audit plans, develop audit direction, and align with stakeholders on audit timetables
• Develop timeline for internal readiness assessment activities and obtain alignment from all stakeholders
• Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts
• Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance
• Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process

Benefits

• general: Health and wellbeing resources
• general: Paid volunteer days
• general: Wide range of perks and benefits designed to support you, your family and to help you engage with your local community

Tags & Categories