Evaluate organizational compliance with standards and regulations, including PCI-DSS, PCI-3DS, ISO 27001, ISO 27701, SOC 2 Type 2, and applicable local regulation's requirements.
Assess internal controls, identify risks, and prepare detailed audit and compliance reports.
Conduct IT risk assessments, document findings, recommend improvements, and collect evidence for external audits.
Collaborate with business process and control owners to design and implement remediation plans.
Coordinate effectively with internal stakeholders and external auditors to ensure alignment and compliance.
Support the preparation and maintenance of business documents, policies, and compliance questionnaires.
Requirements
Professional certification(s) such as CISSP, CISM, CISA, CRISC, CIPP, or equivalent expertise in data security, privacy laws, and compliance program management.