Cybersecurity Compliance Associate

Salary undisclosed

DUTIES AND RESPONSIBILITIES

Compliance Management & Governance

  • Implement and maintain the cybersecurity compliance program.
  • Maintain documentation of compliance activities (policies, procedures, audit results, training records).
  • Monitor laws, regulations, and standards (e.g., DPA2012, GDPR, ISO27001, NIST CSF) to ensure compliance.
  • Perform compliance reviews of security policies, procedures, and industry best practices.
  • Track compliance metrics, audits, and reports, ensuring timely submission to authorities.
  • Monitor non-compliance issues and track corrective actions.
  • Develop KPIs and metrics to measure compliance with laws and regulations.
  • Integrate compliance metrics into risk assessment processes and use them to prioritize initiatives.
  • Stay informed about emerging trends, threats, and regulations.

Compliance Review, Audit, and Reporting

  • Conduct regular risk assessments to identify compliance gaps.
  • Perform internal reviews and assessments to evaluate compliance controls.
  • Support cybersecurity risk management activities and collaborate with Internal Audit.
  • Prepare and present compliance reports to senior management and regulatory bodies.
  • Monitor KPIs to assess the effectiveness of compliance programs.

Policy Development

  • Develop and maintain cybersecurity policies aligned with regulatory requirements and best practices.
  • Provide training on compliance requirements and promote awareness of compliance metrics.

Incident Response & Reporting

  • Ensure compliance considerations are integrated into incident management.
  • Maintain documentation for regulatory reporting on incident response activities.
  • Coordinate with the Legal Team on compliance, disclosures, and potential fines.

Collaboration & Communication

  • Act as a liaison between cybersecurity teams and business units to ensure compliance.
  • Communicate cybersecurity risks and mitigation strategies.
  • Collaborate with IT, Legal, HR, DPO, and other teams on cybersecurity initiatives.

EDUCATION AND SKILLS

  • Bachelor’s Degree in IT, Computer Engineering, or equivalent.
  • 3+ years of experience in cybersecurity compliance roles.
  • Strong knowledge of cybersecurity frameworks and regulations (ISO27001, NIST CSF, GDPR, DPA2012).
  • Proficient in cybersecurity technologies, tools, and IT infrastructure.
  • Strong analytical, problem-solving, and communication skills.
  • Entry-level certifications (CompTIA Security+, CISA, CISSP, CISM, CRISC).
  • Ability to manage multiple projects and meet deadlines.
