IT Compliance Officer

• Maintain and enhance in existing security controls, risk assessment framework, ensuring documented and sustainable compliance that aligns with SEWA business objectives and applicable regulatory requirements.
• Continuously monitor information security controls, exceptions, risks.
• Schedules regular assessments and testing of effectiveness and efficiency of ISMS controls and existing system policies and creates GRC reports.
• Performs and investigates internal and external information security risk and exceptions assessments.
• Conduct IT System policies reviews, assess security incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
• Documents and reports Information Security control failures and gaps. Provides remediation guidance and prepares incident reports to track remediation activities.
• Remains current on IT Governance and Information security risks, technologies and compliance best practices.
• Performs other related duties as assigned.

Min 5 Years of applied work experience in cyber security programs, audits, assessments, risk, remediation, or information security compliance management

• Information security governance requirements, compliance principles, practices, laws, rules and regulations.
• SAP Information technology systems and processes, IT network infrastructure, data architecture, data processes, and protocols.
• Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.
• Information systems auditing, monitoring, controlling, and assessment process.
• Incident response management.
• Risk assessment and management methodology.

• Security project study, management, and planning.
• Maintaining confidentiality.
• Troubleshooting and operating a computer and various software packages.
• Defining problems, collecting and analyzing information, establishing facts and drawing valid conclusions

• Effectively communicate technical issues to diverse audiences, both in writing and verbally.
• Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process.
• Learn quickly and apply knowledge to new situations and business requirements.
• Handle sensitive and confidential matters, situations, and data.
• Understand and follow broad and complex instructions.
• Interact positively with the management, the staff, the public, and regulatory agencies in order to enhance effectiveness and to promote quality service.
• Work independently and prioritize multiple tasks and adapt to needed changes.

• Paid Time Off
• Performance Bonus
• Training & Development