Job Responsibilities:
- ISO 27001 Implementation:
- Support the implementation of ISO 27001 Information Security Management System (ISMS) program and relevant certifications.
- Collaborate with cross-functional teams to establish and maintain security policies, procedures, and controls.
- Internal Audits:
- Plan, execute, and manage internal audits to assess compliance with ISO 27001 standards and other relevant standards.
- Identify areas of improvement and provide recommendations for enhancing security and compliance measures.
- Compliance Standards:
- Stay current on industry-specific compliance standards such as SOC 2, HIPAA, FedRAMP, and others applicable to the organization.
- Implement and manage compliance programs to meet regulatory requirements.
- Risk Management:
- Conduct risk assessments and work with relevant teams to develop mitigation strategies.
- Documentation and Reporting:
- Maintain accurate and up-to-date documentation related to security and compliance activities.
- Prepare and deliver reports to management on the status of security and compliance initiatives.
- Collaboration:
- Collaborate with internal teams, external auditors, and third-party vendors to facilitate compliance assessments and audits.
Qualifications:
- Bachelor’s degree in information security, Computer Science, or a related field.
- Professional certifications such as CISA, CISSP, ISO 27001 Lead Auditor, or equivalent.
- Proven experience in implementing ISO 27001 and conducting internal audits.
- Familiarity with other compliance standards such as SOC 2, HIPAA, FedRAMP, etc.
- Strong understanding of risk management principles and methodologies.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Experience with GRC tools.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.