Compliance Specialist

Job Overview: We are seeking a highly skilled individual to fill a Compliance Support Specialist position. This role will play a critical part in helping clients achieve and maintain compliance with SOC 2 Type II, ISO 27001, and other framework standards.

Main Responsibilities:

- Technical Assistance:
  - Provide technical support for cybersecurity tools and technologies, ensuring operational effectiveness and timely issue resolution.
  - Maintain security awareness training documentation for internal and client-facing audiences to promote cybersecurity best practices.
  - Support clients' audit readiness by assisting with evidence collection, control testing, and remediation tracking.
  - Assist clients with the setup and maintenance of GRC (Governance, Risk, and Compliance) tools, particularly Drata, including data migration, vendor module configuration, user management, and policy updates.
- Security Documentation:
  - Create, maintain, and update security policies, procedures, and compliance documentation to align with industry standards.
  - Develop and maintain trackers for client purposes according to their internal policy requirements.
  - Assist clients in completing Self-Assessment Questionnaires (SAQs), leveraging existing onboarding information, historical SAQs, and data housed within GRC platforms.
  - Conduct periodic user access reviews across clients' systems and applications.
  - Assist in preparing reports and documenting response actions.
- Collaboration:
  - Partner with cybersecurity team members and cross-functional departments to implement and sustain security measures.
  - Research and respond to clients' ad-hoc security inquiries, providing clear and actionable findings.
  - Leverage internal tools to optimize workflows and drive efficiency in daily operations.
- Self-Direction:
  - Regularly assess and enhance client security postures, leveraging GRC platform features for control management, task assignment, and audit readiness activities.
  - Operate autonomously, taking ownership of work and executing tasks ahead of deadlines with minimal oversight.

Key Qualifications:

- Education:
  - Bachelor's degree in Information Security, Computer Science, or a related field.
- Relevant Certifications:
  - SEC+, CISA, or equivalent may be required.
- Experience:
  - Minimum of 2–4 years of experience in cybersecurity, with a focus on compliance management and project management.
- Skills:
  - Proficiency in using Asana (or equivalent) for project management and Slack for effective communication.
- Compliance Knowledge:
  - Strong understanding of SOC 2 Type I and II, and ISO 27001 standards, controls, and assessment methodologies.
- Additional Requirements:
  - Ability to analyze and identify security risks, providing practical recommendations for mitigating those risks.
  - Excellent verbal and written communication skills in English, with the ability to convey technical concepts to both technical and non-technical stakeholders effectively.
  - Proven ability to work collaboratively in a team environment, interacting with clients, internal teams, and third-party auditors or assessors (as needed).
  - Ability to work independently, remotely, with assigned tasks and deadlines, with minimal oversight.
  - Meticulous and thorough approach to work, ensuring accuracy in documentation, reporting, and compliance activities.
  - Ability to thrive in a fast-paced and rapidly changing environment, managing multiple projects simultaneously and meeting deadlines.

Job Benefits:

- Competitive salary.
- Prepaid medicine.
- Life insurance.
- Birthday day off.
- Indefinite-term labor contract, with all legal benefits.