The Compliance Lead is responsible for the management of compliance tasks and projects which include ensuring quality standards, reporting, process flow analysis, procedural documentation and training.
Drives compliance toward industry-recognized frameworks and methodologies.
Researches, develops and maintains training, operating procedures and process analysis based on laws and legislation and on industry standards including but not limited to ISO 27001, PCI DSS, SOC2, etc.
Leads projects to completion through coordination and follow-through with the stakeholders.
Performs root cause analysis on identified gaps and provides recommended solutions.
Collaborates cross-functionally to help execute the Risk Security and Compliance processes, which include governance, risk assessment, risk analysis, risk metrics, risk reporting, and internal / external audit support.
Establishes and oversees formal risk analysis and risk-assessment programs of company entities for various Information Services systems and processes.
Participates and works with members of management to create strategies and processes related to all areas of Governance, Risk Management and Compliance according to the client / stakeholder requirements and in accordance with the industry's standards including but not limited to ISO 27001, PCI DSS, HIPAA, etc.
Reviews and documents policies and procedures based on best practices and stakeholder requirements.
Performs audits based on client, regulatory and internal requirements.
Provides recommendations on identified process gaps and serves corrective and preventive actions.
Provides leadership, direct support and guidance to the compliance team and internal and external business partners during the creation of Compliance Strategy, project execution and implementation initiatives.
Motivates the team to meet and / or exceed productivity targets without affecting the high quality of delivery.
Manages performance and maintains the team’s growth by consistently monitoring performance, acknowledging strengths and addressing areas of opportunity.
Ensures individual and team adherence to the policies and procedures of the company (sanctions are applied for non-adherence).
Minimum Requirements:
Business-level writing and documentation skills
Strong command of the English language, both oral and written
Strong leadership skills
In-depth knowledge of ISO clauses
Critical thinking and decision-making skills
Experience working in a large, fast-paced organizational environment
Can work with minimal supervision
Should have strong knowledge of Microsoft Office applications
Flexibility with regard to shifting work schedules
Preferred Skills:
Audit experience with ISO 27001, PCI DSS version 3.2, and SOC2.
Strong knowledge of PCI DSS version 3.2; CPISI certification
Strong knowledge of Risk Management based on ISO 27001 and ISO 31000
Strong knowledge of information and communications technology