(AC-272) SECURITY & COMPLIANCE LEAD

Auxis


Job Summary

The Security and Compliance Lead is responsible for developing, implementing, and maintaining the company’s security program to ensure compliance with industry standards, regulatory requirements, and best practices. This role involves risk assessment, policy enforcement, incident management, and cross-functional collaboration to enhance the organization’s security posture. The ideal candidate will be a strategic thinker with strong technical expertise and the ability to communicate security concepts effectively across departments and with external stakeholders.

Responsibilities

Security Program Management
- Develop, implement, and maintain the organization’s security program, ensuring alignment with industry security frameworks.
- Conduct regular security assessments and audits to identify gaps and recommend improvements.
- Establish and enforce security policies, controls, and best practices to mitigate risks.
- Evaluate and implement security tools to enhance monitoring, detection, and prevention capabilities.

Risk Assessment & Compliance
- Conduct risk assessments for projects involving technological components and provide recommendations for mitigating security risks.
- Ensure compliance with internal security policies and external regulatory requirements.
- Oversee the evaluation of compliance with company security controls, identifying areas for improvement.
- Review and assess security clauses in contracts to ensure alignment with company policies and industry standards.

Incident Management & Response
- Serve as the escalation point for security incidents, coordinating responses and ensuring adherence to incident management protocols.
- Work closely with the Security team and Service Desk to assess risks associated with incidents and user requests.
- Develop, execute, and improve business continuity and incident response plans through testing and analysis.

Customer & Stakeholder Engagement
- Act as the primary point of contact for customer inquiries related to security practices.
- Respond to customer security assessments and provide technical guidance on security implementations and requirements.
- Coordinate security initiatives with different departments to promote a company-wide security culture.

Governance, Risk, & Compliance (GRC) Management
- Manage Governance, Risk, and Compliance (GRC) tools and oversee security risk assessments using platforms like Black Kite.
- Provide security advisory services for internal and external stakeholders on IT governance, risk, and compliance matters.
- Support security initiatives by identifying key security improvements and driving their implementation.

Skills and Experience
- Degree in Information Technology or a similar field
- 5+ years in a Security or Compliance role
- Proven experience in security, compliance, risk management, or related fields.
- Strong understanding of security frameworks such as NIST, ISO 27001, SOC 2, or similar standards.
- Experience with risk assessment methodologies and incident management processes.
- Familiarity with security tools, GRC platforms, and vulnerability management solutions.
- Ability to evaluate security controls, policies, and contractual security clauses.
- Excellent communication skills, with the ability to interact effectively with technical teams, executives, and customers.
- Strong problem-solving and decision-making skills in high-pressure situations.
