IT Security Compliance Officer

Overview

Key Responsibilities

• Develop and implement IT security policies and compliance frameworks.
• Monitor the implementation and configuration of security aspects of the IT infrastructure.
• Oversee the management of outsourced security services and ensure compliance with contractual obligations.
• Perform regular security audits of IT systems and infrastructure to identify vulnerabilities and ensure compliance with established security policies and standards.
• Develop and implement assessment methodologies to evaluate the effectiveness of security controls and compliance measures.
• Lead investigations into security incidents, breaches, or non-compliance issues, documenting findings and recommending corrective actions.
• Coordinate with relevant teams to respond to security incidents, ensuring timely resolution and minimal impact on operations.
• Assist in the development and maintenance of IT security policies, procedures, and guidelines to ensure compliance with regulatory requirements and industry best practices.
• Ensure that all IT staff are aware of and adhere to security policies and procedures.
• Manage relationships with third-party security service providers, ensuring that they meet contractual obligations and compliance requirements.
• Collaborate with vendors to enhance security measures, including the implementation of security information and event management (SIEM) solutions.
• Prepare and present detailed audit reports, compliance assessments, and incident investigation findings to the CIO and other stakeholders.
• Maintain comprehensive documentation of security policies, procedures, audit results, and compliance activities for reference and regulatory purposes.
• Develop and deliver training programs to educate employees about IT security policies, compliance requirements, and best practices.
• Promote a culture of security awareness within the organization, ensuring that all employees understand their role in maintaining security.

Qualifications & Experience

• Bachelor’s degree in computer science, information technology, or a related field is preferred.
• A minimum of 6 years’ experience in security and compliance management with a strong understanding of operating systems and networks
• A minimum of 4 years of experience may be considered exceptional for candidates of high caliber.