Information Security Compliance Engineer III

Job Description:

We are seeking a detail-oriented Information Security Compliance Engineer to ensure our organization's enterprise Information systems and processes comply with regulatory standards and industry best practices.

The ideal candidate will play a pivotal role in conducting security audits, identifying risks, and implementing strategies to maintain compliance and enhance the security posture of enterprise operations.

Key Responsibilities:


* Conduct regular information security assessments to evaluate system integrity and compliance.


* Work with Enterprise Risk and Compliance as the technical subject matter expert during audit reviews.


* Develop and recommend information security policies, procedures, and guidelines in accordance with ISO/IEC 27001 and ISO/IEC 27002 standards.


* Coordinate with various departments to ensure that security controls are integrated into business processes.


* Monitor compliance with internal security policies, industry standards, and regulatory requirements.


* Maintain documentation related to information security compliance, including audit reports, risk assessments, and incident reports.


* Perform technical risk assessments and identify areas for improvement in infrastructure security systems.


* Prepare detailed reports on security audit findings and recommendations for management.


* Assist project teams and information owners in identifying security control objectives and appropriate security controls for protecting company information and assets.

Qualifications:


* Bachelor's degree in information technology, Computer Science, or a related field.


* Professional certifications such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), or CISSP (Certified Information Systems Security Professional).


* Strong understanding of regulatory requirements, industry standards, and cybersecurity best practices, particularly ISO/IEC 27001, ISO/IEC 27002, SOC 2, GDPR, and PCI DSS.


* Minimum of 5 years of experience in IT security audit, compliance, or a related role.


* Excellent analytical and problem-solving skills.


* Detail-oriented with strong organizational abilities.

Other Qualifications:


* The Winning Way behaviors that all employees need in order to meet the expectations of each other, our customers, and our partners:Communicate with Clarity - Be clear, concise, and actionable.

Be relentlessly constructive.

Seek and provide meaningful feedback.


* Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience.

80/20 rule - better is the enemy of done.

Don't spend hours when minutes are enough.


* Work with Purpose - Exhibit a "We Can" mindset.

Results outweigh effort.

Everyone understands how their role contributes.

Set aside personal objectives for team results.


* Drive to Decision - Cut the swirl with defined deadlines and decis...