Job Summary
Execute the certification (e.g. ISO 27001) and compliance roadmap, working with cross-functional teams and external and internal auditors.
Accurately interpret, map, and communicate information systems compliance regulations and requirements within the organization, leveraging best practices.
Provide the organization with recommendations to improve compliance with policies, standards, and external requirements, and continually analyze for opportunities for process optimization.
Support leadership teams in developing and expanding continuous monitoring processes to assess compliance with information security policies and standards, as well as legal and regulatory requirements.
Develop information technology security policies, standards, and related documents based on regulatory/external requirements and leading practices, and update the organization's information technology security policies accordingly.
Monitor open audit items from internal audits and external compliance/certification audits to ensure completion of the remediation activities defined in the agreed action plans and risk treatment plans.
Conduct internal compliance and risk assessment audits of systems and vendors at planned intervals and on an ad hoc basis to evaluate and validate the design and operational effectiveness of policies, standards, and the internal control framework, helping to reduce risk in the organization.
Organize and efficiently manage internal audits, internal/external compliance audits, and certification audits for the organization.
Provide security policy and cybersecurity awareness training to staff and vendors.
Monitor noncompliance with data loss prevention and firewall policies, and take the necessary action to improve processes and reduce risk for the organization.