Posted 3w ago

Lead Risk & Compliance Analyst I

@ HCLTech
Noida, Uttar Pradesh, India
Onsite, Full Time
Responsibilities: Lead initiatives, Develop policies, Audit reviews
Requirements Summary: 5-7 years in project/program management and regulatory compliance; strong information security knowledge; ISO 27001 Lead/internal auditor certified; travel for audits as required.
Job Description

Experience

5-9 Years

Skill (Primary)

Cyber Security-IT GRC-REGULATORY COMPLIANCE MANAGEMENT

Qualification

Bachelor of Technology/ Engineering

Location

Noida

Job Family

Cybersecurity Risk & Compliance

Job Description (Posting).

The Project/Compliance Manager in Security and Compliance will be a subject matter expert in Information security and regulatory compliance, responsible for supporting and managing compliance programs and projects specifically for (but not limited to) ISO-SOC2-PCI-HIPAA.

Duties

Lead and manage security and compliance initiatives such as SOC 2, ISO 27k family, PCI DSS, or similar (as applicable), facilitate education, drive issue remediation, and make recommendations that maintain compliance with company commitments.

Contribute to the continual development and improvement of the Information Security Management System.

Develop and maintain security and compliance governance policies

Ensure alignment with legal, regulatory, and contractual obligations

Work cross-functionally with Product, Engineering, IT, Legal, and Customer teams

Lead and manage internal and external regulatory audits and reviews to ensure compliance standards are met and active certification is maintained.

Conduct investigations to discover the root cause of issues arising from audit or daily operations and work with teams to manage the closure of any audit findings.

Respond to customer questionnaires regarding security and compliance and ensure RFQs are completed with the highest compliance standards.

Deliver executive status reports.

Required

5-7 years of experience in Project or Program Management and regulatory compliance.

Have strong knowledge of information security and regulatory compliance.

Experience in internal auditing.

ISO 27001 Lead/internal auditor certified

Flexibility to travel for audits as required.

Experience in planning and supervising activities for multiple, large-scale projects.