LotusFlare - Security Compliance Engineer - ISO (5-8 yrs)

Summary :

The Security Compliance engineer plays a crucial role in ensuring our organization's adherence to internal security policies, industry regulations, and legal requirements.

This individual will work collaboratively with various teams to assess, monitor, and enhance our IT security posture.

Responsibilities :

- Compliance Assessment : Conduct regular assessments of IT systems, processes, and controls to identify vulnerabilities and ensure compliance with security standards.

- Privacy Impact Assessment : Conduct regular PIA assessments for various projects in LotusFlare.

- Policy Development and Implementation : Assist in the development, implementation, and maintenance of IT security policies, procedures, and guidelines.

- Risk Management : Identify, assess, and mitigate IT security risks through proactive measures and incident response.

- Audit Support : Collaborate with internal and external auditors to facilitate IT security audits and provide necessary documentation.

- Security Awareness : Promote security awareness across the organization through training programs and communication initiatives.

- Incident Response : Participate in incident response activities, including investigation, containment, and remediation.

- Vendor Management : Assess the security posture of third-party vendors and ensure compliance with our security requirements.

Qualifications :

- Bachelor's degree in Computer Science, Information Systems, or a related field.

- 5+ years of experience in IT security compliance or a related role.

- Strong understanding of IT security frameworks, such as ISO 27001, ISO 27701, NIST, and CIS.

- Knowledge of industry regulations, such as GDPR, CCPA.

- Experience with risk assessment methodologies and tools.

- Excellent analytical, problem-solving, and communication skills.

- Ability to work independently and as part of a team.

- Professional certifications, such as CISA, CISM, or CISSP, are a plus.