We are hiring a Security Compliance Consultant with at least 5+ years’ experience.
This is a part-time role contract.
Our primary hosting platform is Azure, and we leverage various analytics, storage and orchestration tools on the Azure environment for use in our product.
Regulations and Security Standards Utilised:
- SOC 2 TYPE 2
- Review and improve the global Information Security Compliance framework at Omnisient to adhere to the strictest global compliance regulations.
- Contribute to defining and implementing the future strategy around Information Security Compliance at Omnisient.
- Plan, scope, develop and assist in the coordination, execution, and communication of new, and ongoing Information Security compliance initiatives relevant to the implementation of Information Security Compliance efforts.
- Identify security risks to the business units and ensure appropriate data security procedures and products are implemented in projects and technology.
- Ensure global Information Security resources have the proper knowledge to adhere to compliance regulations.
- Act as a liaison to the business and Information Security groups and assist them in the implementation of data security, compliance requirements, and information security technologies.
- Estimate the level of effort needed to administer and maintain the procedures associated with any recommended security initiatives
- Develop KPIs and KRIs to help manage team performance and key risks that can impact organizational compliance and regulatory requirements.
- Report on the current Information Security Compliance posture, identify compliance gaps and develop corrective action planning to remediate gaps, follow up on remediation with control owners, and report to stakeholders.
- Take full responsibility for Information Security system compliance as the validation leader role of the assigned area, by getting involved early in the design/development process of new systems, solutions, and products to ensure compliance by design, to ensure that compliance with laws and regulations, and internal policies and procedures are built-in the newly developed solution or product.
- Utilize the Governance, Risk, and Compliance (GRC) platform to crosswalk between different compliance requirements applied to the same systems to ensure efficient and effective compliance utilization by “Securing Once, and Complying with Many”.
- Collaborate with Information Security Compliance resources in other regions and provide guidance and training about how to apply a global Information Security Compliance framework.
- Consistently deliver high-quality services and deliverables.
- Lead the engagement with an external auditor/examiner.
You should ideally have:
- Relevant tertiary qualifications and/or equivalent combination of education or work experience. Advanced degree preferred.
- 5+ years of professional experience in the field of Information Technology Assurance, Security, and related enterprise-level technology design and implementation experience.
- 3+ years of technical experience in the cybersecurity compliance development and/or audit aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.
- 3+ years of experience managing teams responsible for any of the following disciplines: security operations, security engineering, identity and access management, incident response, risk, and compliance programs.
- 3+ years of experience leveraging and generating security metrics.
- Ability to rapidly learn and apply advanced and emerging technical security principles, theories, and concepts.
- Strong knowledge of cloud security concepts and DevOps practices
- Exceptional analytical ability, communication and project management skills, and the ability to work effectively with clients, IT management and staff, vendors, and consultants.
- Strong ability to understand client expectations and to resolve issues that may affect service delivery.
We love people with a creative approach to problem-solving. If you want to be part of and build an open learning-oriented culture, then reach out. Let’s compare notes.
Contact: Rudolph ([email protected])