Security and Compliance Analyst

Enshored has been powering growth for disruptive brands and leading companies in the US and Europe since 2014. As part of Inc 5000 fastest-growing companies in the US, our commitment to pushing the extra mile helps our clients reach their business’ optimal growth potential, may it be from the ground up or by innovative transformation.

Our team is composed of hand-picked talented individuals adapted to handle themselves in a balanced environment of smart and hard work while maintaining a dynamic relationship with stakeholders, leaders, and team members. Important decisions revolve around the guidance of our core values, especially when choosing the right people:

• Grit. We never give up. We don't always know the answer, but we don't give up until we  crack it. Sticking at it makes us stronger.
• Curiosity. We want to know you, what makes you tick and what it will take to help you grow.
• Learning. Learning is the key to mobility, growth, and transformation. It's a commitment. We're committed.
• Grace. The unconditional love for our fellow man. What is this world without love – merely a transactional scorecard of winners and losers. We don't want to reinforce that operating system. We are driving a paradigm shift to an infinite mindset where we start from the knowledge that there is plenty to go around.
• Honesty & Sincerity. Being true to ourselves. Being honest, being open, trustworthy and truthful. Sincerity provides depth to honesty, as our honesty at times can even betray us, as we all hide behind our deep pain and hurt.
• Integrity. Integrity is standing up for what we believe is right and living by our highest values.

Our philosophy leads us to invest in the best people we can find, and working side by side, we help them build the career paths they deserve.

Don’t just take our word for it; experience the growth yourself!

If you don’t know where to start, check us out at www.enshored.com.

DUTIES AND RESPONSIBILITIES

• Supports and effectively manages audit engagements with the client and external auditors
• Recommends, monitors, and drives remediation and closure of auditor and client audit findings
• Offers IT and compliance advisory support on systems and processes
• Lead and/or facilitate audit security compliance activities such as risk assessment, periodic access reviews, change review and training deployment
• Provide evaluated responses to security questionnaires, RFIs, and RFPs
• Work with senior management, shared services, and operations for all the related security and compliance requirements of the company and contribute to organizational developments, including infrastructure and operations.
• Develops, maintains, and communicates the organization’s information security policy and procedures
• Assists in developing and updating the compliance program to demonstrate continuous compliance with internal policies and external standards, legislation, and regulations including the evaluation of new or updated industry regulations
• Supports the directing and overseeing of the assessment, selection, implementation, and maintenance of information security tools and technologies
• Ensures that information security controls are implemented
• Participates in business continuity planning (BCP) activities when required by regulation or senior leadership
• Prepares reports, business cases, and presentations on security risk, controls, the status of compliance efforts, etc.
• Investigates/responds to information security incidents and acts as liaison between IT and other functions (e.g., HR, Operations) regarding incident response activities

MINIMUM REQUIREMENTS AND QUALIFICATIONS

• A Bachelor's degree or the equivalent in IT, Computer Science, Engineering or related field
• Certifications in information security or compliance (CISSP, CISM, CEH, CRISC, CISA, Security+)
• Experience in the BPO industry is a plus
• Minimum of 2-3 years of experience in IT audit, security, compliance and sub-domains of IT operations
• Experience in being part of a security team is a plus
• Understand the basic technology concepts, information security, data privacy, IT audit, risk and controls and IT general controls (ITGC)
• Basic understanding of common information security standards (e.g. PCI:DSS, ISO27001, SOC1 and SOC 2, HIPAA), GDPR and the Data Privacy Act of 2012
• Well-versed in industry regulations and can translate complex security concepts into layman’s terms
• Good collaboration and teamwork abilities
• Quick critical thinking and problem-solving abilities
• Effective communication, including writing, speaking, and interpersonal communication, and the ability to influence others
• Policy and process writing and review
• Amenable to work mid/night shift and willing to render overtime when needed
• Must be able to communicate with all levels of management effectively
• Detail-oriented with the ability to see the “big picture”
• Thorough knowledge of information security and compliance concepts
• Working knowledge of industry-leading information security tools and technologies
• Possesses strong analytical and problem-solving skills
• Ability to work independently and manage multiple priorities simultaneously
• Interest in emerging technologies related to information security and compliance

About Enshored 

Enshored is the leading outsourcer for start-ups. We’re here for the innovators, for the scalers. We’re here for the creators, for the makers, for the horizon scanners who saw it and then went out there and built it. We believe that when our people thrive, our clients thrive too. When we all thrive, the world becomes a better place.

At Enshored, this means: We support our people to achieve their potential and contribute to their best ability through structured learning and career development. We embrace diversity. We understand that people are all different and need different challenges. We don’t treat individuals as cogs in the machine. We provide the environment, tools, and support system to thrive.