IT Compliance & Audit Specialist

Summary

Join SupportYourApp, a global leader in outsourced customer support, as an IT Compliance & Audit Specialist. You will manage certification processes (ISO, PCI DSS, SOC 2, etc.), monitor IT infrastructure compliance, collaborate with auditors, and stay updated on evolving legislation and security standards. Responsibilities include creating documentation, handling security requests, conducting internal audits, assessing risks, and delivering information security training. This role requires 3+ years of experience in information security, audit, or compliance, a relevant degree, and strong analytical skills. Excellent English skills are essential. Preferred qualifications include experience in the financial or tech industry and knowledge of DevSecOps.

Requirements

• 3+ years of proven experience in information security, audit or compliance sphere(s)
• Degree in information technology, cybersecurity, law or risk management
• Experience in external audits and certification preparation
• Knowledge of risk management principles
• Skills in conducting GAP analysis and internal audits
• Outstanding analytical skills and attention to detail
• Excellent English skills (for interacting with auditors, writing policies and reports, communicating with clients)

Responsibilities

• Manage certification preparation processes (ISO, PCI DSS, SOC 2, etc.) and conduct them in accordance with relevant requirements (HIPAA, GDPR, CCPA, etc.)
• Monitor compliance of IT infrastructure with security standards
• Collaborate with auditors and certification bodies
• Monitor changes in legislation and security standards
• Create documentation on policies and processes
• Handle security requests from clients (external and internal)
• Develop and conduct internal audits
• Assess risks and monitor compliance with security requirements
• Prepare and conduct training on information security and compliance requirements

Preferred Qualifications

• ISO 27001 Lead Implementer / Lead Auditor
• CISM (Certified Information Security Manager)
• CISA (Certified Information Systems Auditor)
• CISSP (Certified Information Systems Security Professional)
• CIPP/E or CIPM (for GDPR)
• PCIP, ISA or QSA (for PCI DSS)
• Experience working in the financial and/or tech industry that handles sensitive data
• Experience in automating compliance processes (GRC platforms, ISMS systems)
• Knowledge of DevSecOps approaches for integrating security into the development lifecycle

Benefits

• Business hours
• Opportunity to work fully remotely
• Creative and unique art offices ( see for yourself )
• Inclusive international environment
• Compensation in USD
• Good bonuses for referring friends
• Paid intensive training and probation
• Mind-blowing corporate events and social activities
• Work-life balance
• Responsive management interested in your growth and long-lasting cooperation
• Greenhouse conditions for self-development