
INFORMATION SYSTEMS SECURITY COMPLIANCE ANALY

Salary undisclosed


Job Description


Responsibilities:

Primary Responsibilities:
  1. Collaborate with the CISO, CTO, and CCO to advance security policies and procedures.
  2. Monitor and report on compliance metrics and key performance indicators.
  3. Continuously monitor and analyze emerging security threats and evolving compliance landscapes to ensure the organization's security posture remains robust.
  4. Assist in the Information Systems Security Risk Assessment process by evaluating and mitigating potential risks to the organization.
  5. Implement and maintain security and compliance controls.
  6. Oversee the planning and reporting of Disaster Recovery (DR) testing and Business Continuity Plan (BCP) testing to ensure business resilience.
  7. Work closely with various departments to gather and organize evidence that supports compliance with industry frameworks, such as SOC 2, PCI-DSS, NIST CSF, and other relevant cybersecurity frameworks.
  8. Supply organized evidence to third-party auditors and facilitate smooth audit processes by answering queries and ensuring documentation is in order.
  9. Collaborate with business departments to ensure policies and procedures are followed.
Secondary Responsibilities:
  1. Assist in the development and maintenance of security-related documentation and procedures.
  2. Assist in the assessment and monitoring of third-party vendor security practices.
  3. Support internal teams with compliance and audit readiness efforts.
  4. Assist in the development and maintenance of incident response plans and participate in incident response activities as needed.
  5. Utilize knowledge of AWS cloud services (such as CloudWatch, CloudTrail, RDS, S3, etc.) and understand their impact on security and compliance.
  6. Participate in security awareness training programs for employees.
Universal Responsibilities:
  1. Maintain a respectful demeanor towards customers and fellow workforce members.
  2. Demonstrate strong communication skills, both oral and written.
  3. Stay current on your role and industry developments.
  4. Perform all duties as assigned in a timely and professional manner.
  5. Comply with all company compliance requests efficiently.
  6. Immediately report any breach or potential breach of sensitive customer data to management.

Qualifications & Experience:

  • Bachelor's degree in Information Technology, Information Security, or related field.
  • Relevant certifications (e.g., CISSP, CISM, CRISC, or equivalent).
  • Excellent organizational skills with attention to detail and ability to manage multiple tasks.
  • Experience in information security risk assessment or compliance-related roles.
  • Some familiarity with security compliance frameworks (SOC 2, PCI-DSS, NIST CSF).
  • Strong communication and interpersonal skills to interact with both technical and non-technical teams.
  • Ability to organize and present evidence to external auditors.
  • Knowledge of AWS cloud services.
  • Analytical skills with the ability to problem-solve and think critically about security and compliance issues.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.