IT Compliance Lead (SDE-4)

Job Title: IT  Compliance lead- SDE 4

Job Description:

We are seeking an experienced IT Infrastructure Compliance lead to join our team. The successful candidate will play a critical role in ensuring that our organization's IT infrastructure adheres to industry standards, regulatory requirements, and internal policies. As an IT Infrastructure Compliance lead, you will be responsible for evaluating, designing, and implementing compliance controls to safeguard our systems and data.

Responsibilities:

• Develop and implement IT  compliance strategies: Collaborate with cross-functional teams to define and execute compliance strategies, considering industry best practices, regulatory requirements, and internal policies.
• Conduct compliance assessments: Perform comprehensive assessments of our IT infrastructure to identify areas of non-compliance and vulnerabilities. Analyze existing controls, policies, and procedures to ensure they meet compliance requirements.
• Monitor and track compliance: Establish monitoring mechanisms and implement tools to continuously monitor the IT infrastructure for compliance. Regularly review system logs, security reports, and audit trails to identify any compliance violations or anomalies.
• Develop and maintain compliance documentation: Create and update documentation, including policies, procedures, standards, and guidelines, to ensure compliance with relevant regulations and frameworks.
• Design and implement controls: Collaborate with IT teams to design and implement technical controls and security measures to address compliance requirements. This includes access controls, data encryption, network segmentation, vulnerability management, and disaster recovery planning.
• Coordinate audits and assessments: Act as a liaison between internal and external auditors during compliance audits and assessments. Prepare necessary documentation, respond to audit inquiries, and assist in remediation efforts.
• Conducts internal Audits.
• Stay up-to-date with regulations and industry standards: Continuously monitor changes in regulatory requirements and industry best practices related to IT infrastructure compliance. Assess the impact of new regulations and standards on our infrastructure and develop plans for compliance.
• Provide training and guidance: Conduct training sessions and awareness programs to educate employees on IT infrastructure compliance requirements, policies, and procedures.
• Incident response and remediation: Collaborate with incident response teams to investigate and remediate compliance-related incidents or breaches. Identify the root causes of incidents and recommend preventive measures.
• Collaborate with stakeholders: Work closely with internal stakeholders, including IT operations, security, legal, and risk management teams, to align compliance efforts with overall business objectives.

Qualifications:

• Bachelor's degree in Computer Science, Information Systems, or a related field. Relevant certifications (e.g., CISSP, CISM, CRISC) are preferred.
• Proven experience in IT infrastructure compliance, including familiarity with industry standards such as ISO 27001, NIST, and GDPR.
• Strong knowledge of IT systems, networks, and infrastructure components.
• Experience conducting compliance assessments, audits, and vulnerability assessments.
• Proficient in risk management frameworks and methodologies.
• Familiarity with regulatory requirements relevant to the industry (e.g., HIPAA, PCI DSS).
• Knowledge of secure coding practices, encryption technologies, and security protocols.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
• Attention to detail and the ability to manage multiple priorities in a fast-paced environment.
• Experience with IT service management (ITSM) frameworks, such as ITIL, is a plus.