Information Security Compliance Manager

Summary

Join Entersekt, a leading provider of digital banking fraud prevention and payment security solutions, as an Information Security Compliance Manager. This role involves managing compliance for European Data Centers, ensuring adherence to PCI DSS, 3DS, SOC2, ISO27001, and Data Privacy legislation. You will be responsible for planning and coordinating annual audits, monitoring vulnerability scans, and managing IT risk. The ideal candidate possesses 5 years of experience in ITIL/Cobit, ISO Lead Auditing/Implementing, and CISA/CISSP, along with expertise in technology project management, Microsoft365, and AWS. You will also need a strong understanding of data privacy regulations and security frameworks.

Requirements

• 5 years’ experience in at least 2 of the below: ITIL/Cobit
• ISO Lead Auditor/Implementer
• CISA/CISSP
• 5 years’ experience in all of the below
• Technology Project Management
• Microsoft365
• Fluent in Sharepoint, Confluence, and JIRA
• AWS Fundamentals
• Hosted on-premise compliance management
• Technical understanding of AWS and Unix environments
• Data Privacy regulation knowledge such as GDPR, PoPIA, DORA, CCPA
• Detailed understanding of PCI DSS
• Frameworks knowledge of OWASP, NIST 800-82, SANS Top20

Responsibilities

• Planning and coordinating annual PCI DSS and PCI 3DS onsite audits at European Data Centres
• Monitoring external vulnerability scans on production systems using third-party tools
• Monitoring card schema changes of hosting and other relevant requirements and informing stakeholders of necessary changes
• Compliance Management on PCI DSS, 3DS, SOC2, ISO27001, and Data Privacy legislation
• Primary Management for Compliance for European Data Centres
• Secondary Management for Compliance Enterprise and AWS SaaS
• IT Risk administration, collaboration, and register management
• ���R&D’ for tools which could assist with team efficiency
• Compliance, security, and risk gap analysis across business and IT function
• KnowBe4 phishing simulations and content creation for security training
• Compliance, security, and risk advisory for product teams
• Policy and Procedure development and maintenance
• Security mailbox monitoring, and assistance if required to escalate
• BAU Management for all Compliance
• On-premise European Compliance, Security, Risk, Infrastructure & Network, Product FAQ
• Compliance related RFP’s, TPRM’s, DPQ’s, questionnaires

Preferred Qualifications

• Pro-actively able to manage their time, initiate requests, and build relationships with stakeholders
• Trustworthy and ethical with sensitive information
• Time management flexibility to perform other functions that may be required

Benefits

• Flexible hours
• Remote work
• Growth opportunities