Primary responsibilities of this role include responding to due diligence questionnaires, conducting policy reviews, and ensuring adherence to ISO 27001 and SOC2 security compliance controls.
Responsibilities
* Excellent communication skills in the English language.
* Respond to due diligence questionnaires from clients, partners, and regulatory bodies.
* Conduct thorough reviews of existing security policies and procedures to ensure alignment with ISO 27001 and SOC2 security controls.
* Assist in the development and implementation of new security policies, procedures, and supporting artifacts.
* Monitor and report on compliance status and progress; engage cross‑organizationally to collect supporting artifacts and implement new controls.
* Collaborate with internal teams to address compliance‑related issues and gaps.
* Conduct internal and external audits related to security compliance, access reviews, firewall audits, and other required processes.
* Use security tools such as EDR and SIEM to automate compliance activities.
* Stay updated on the latest compliance requirements and industry best practices.
* Provide training and support to staff on compliance‑related matters via security newsletters, yearly security awareness training, and phishing exercises.
Skills and Qualifications
* Bachelor's degree in Information Security, Computer Science, or related field.
* 3‑5 years of experience in a security compliance, GRC, or related information security role.
* Strong understanding of ISO 27001 and SOC2 compliance frameworks, as well as NIST-defined standards.
* Excellent written and verbal communication skills, via email and on calls.
* Detail‑oriented with strong analytical and problem‑solving abilities.
* Ability to work independently and as part of a team.
* Experience using Jira, Confluence, and SharePoint for collaboration.
* At least one relevant certification (e.g., CISA, CASP+, CISM, ISO 27001 Lead Auditor).
Comply is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity, or national origin. Nothing in this job posting should be construed as an offer or guarantee of employment.
Applicants must be authorized to work for any employer in the United Kingdom. We are currently unable to sponsor or take over sponsorship of an employment visa.