IT Compliance & Audit Specialist

closed

SupportYourApp

πŸ“Remote - Ukraine

Summary

Join SupportYourApp, a global Support-as-a-Service company, as an IT Compliance & Audit Specialist. You will play a crucial role in ensuring information security by managing certification processes, monitoring compliance, collaborating with auditors, and conducting internal audits. This position requires 3+ years of experience in information security, audit, or compliance, a relevant degree, and desirable certifications like ISO 27001, CISM, CISA, CISSP, CIPP/E, CIPM, PCIP, ISA, or QSA. You will be responsible for preparing and conducting training on information security and compliance requirements. SupportYourApp offers a remote work environment, competitive compensation in USD, good bonuses for referrals, paid intensive training, mind-blowing corporate events, and a focus on employee growth and development.

Requirements

  • 3+ years of proven experience in information security, audit or compliance sphere(s)
  • Degree in information technology, cybersecurity, law or risk management
  • Experience in external audits and certification preparation
  • Knowledge of risk management principles
  • Skills in conducting GAP analysis and internal audits
  • Outstanding analytical skills and attention to detail
  • Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients)

Responsibilities

  • Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
  • Monitor compliance of IT infrastructure with security standards
  • Collaborate with auditors and certification bodies
  • Monitor changes in legislation and security standards
  • Create documentation on policies and processes
  • Handle security requests from clients (external and internal)
  • Develop and conduct internal audits
  • Assess risks and monitor compliance with security requirements
  • Prepare and conduct training on information security and compliance requirements

Preferred Qualifications

  • Certifications (one or more) are desirable:
      • ISO 27001 Lead Implementer / Lead Auditor
      • CISM (Certified Information Security Manager)
      • CISA (Certified Information Systems Auditor)
      • CISSP (Certified Information Systems Security Professional)
      • CIPP/E or CIPM (for GDPR)
      • PCIP, ISA or QSA (for PCI DSS)
  • Experience working in the financial and/or tech industry that handles sensitive data
  • Experience in automating compliance processes (GRC platforms, ISMS systems)
  • Knowledge of DevSecOps approaches for integrating security into the development lifecycle

Benefits

  • Business hours
  • Opportunity to work fully remotely
  • Creative and unique art offices
  • Inclusive international environment
  • Compensation in USD
  • Good bonuses for referring friends
  • Paid intensive training and probation
  • Mind-blowing corporate events and social activities
  • Work-life balance
  • Responsive management interested in your growth and long-lasting cooperation
  • Greenhouse conditions for self-development
This job is filled or no longer available