26 Nov 2024
We are looking for an Information Security and Compliance Analyst for our Compliance team.
Experience: 1 to 3 Years
Location: Mohali - Work from Office
Shift timings: Morning Shift
Job Responsibilities:
Develop, implement, and maintain compliance programs and initiatives to ensure adherence to security requirements for ISO 27001:2022, SOC 2 Type II, HIPAA, PCI DSS, GDPR, etc.
Create and maintain policies, procedures, standards, and documentation related to compliance activities.
Manage and maintain internal control frameworks to mitigate risks and ensure compliance with regulatory standards.
Conduct periodic assessments and audits of internal controls to identify gaps and areas for improvement.
Develop and implement remediation plans to address control deficiencies.
Coordinate and support external audits and assessments, such as SOC 2 Type II, HIPAA, and ISO 27001 audits.
Ensure compliance with external regulatory requirements and assist in responding to audit findings and inquiries.
Provide training and awareness programs to employees on compliance policies, procedures, and best practices.
Foster a culture of compliance and awareness throughout the organization.
Experience with any GRC platform like Drata, Vanta, or any other.
Identify opportunities to improve compliance processes and controls.
Collaborate with cross-functional teams to gather document requirements and ensure alignment with organizational goals.
Communicate effectively with stakeholders regarding document status, updates, and requirements.
Conduct quality checks on documents to ensure they meet quality standards and regulatory requirements.
Minimum Requirements:
Bachelor’s degree in Business Administration, Information Systems, or a related field.
1-3 years of experience in compliance management, preferably in a regulated industry.
In-depth knowledge of SOC 2 Type II, HIPAA, and ISO 27001 security requirements.
Experience developing and implementing compliance programs and controls with a Strong understanding of internal control frameworks and risk management principles.
Effective communication and interpersonal skills.
Ability to work independently and collaboratively in a dynamic environment.