Compliance And Data Security Expert (Contractor)

Compliance and Data Security Expert (Contractor)

Kempton Park, South Africa | Posted on 03 / 20 / MUSE is a consulting company, specialising in resourcing, recruitment and outsourcing of software development teams. MUSE was founded and is run by experienced developers who are passionate about technology and innovation.

We have a vision to be the best in the industry and to provide software development skills that are cutting-edge and high-quality. We work with some of the leading companies in South Africa and we help them build software products and solutions that are game-changing and future-oriented.

We are also at the forefront of applying AI, AR and Machine-Learning concepts to real-world problems. Our main goal is to help our clients get the most value from their technology investments.

We do this by understanding their needs and providing them with the best talent available. We aim to be a vital part of the SDLC.

Job Description

The Compliance and Data Security Expert will be responsible for developing, implementing, and maintaining a robust compliance and data security program.

This role requires a deep understanding of relevant regulations, industry best practices, and security technologies.

The ideal candidate will be a proactive problem solver with excellent communication skills and a passion for ensuring the confidentiality, integrity, and availability of our data.

Responsibilities

1. Develop and maintain policies and procedures to ensure compliance with relevant regulations (e.g., POPIA, GDPR, ISO, industry-specific regulations).
2. Conduct regular compliance audits and risk assessments.
3. Monitor and report on compliance status.
4. Stay up-to-date with changes in regulations and industry standards.
5. Provide guidance and training to employees on compliance requirements.
6. Develop and implement data security policies and procedures.
7. Conduct security risk assessments and vulnerability scans.
8. Implement and manage security controls (e.g., access control, encryption, intrusion detection).
9. Monitor and respond to security incidents.
10. Manage data loss prevention and data backup/recovery processes.
11. Implement and maintain data governance frameworks.
12. Identify and assess potential compliance and security risks.
13. Develop and implement risk mitigation strategies.
14. Maintain a risk register.
15. Conduct business impact analysis.
16. Develop and maintain an incident response plan.
17. Lead incident response activities.
18. Communicate effectively with stakeholders on compliance and security matters.
19. Provide regular reports to management.
20. Liaise with external auditors and regulatory bodies.

Requirements

Qualifications and Skills

1. Bachelor's degree in Computer Science, Information Security, Law, or a related field (or equivalent experience).
2. Relevant certifications (e.g., CISSP, CISM, CISA, CDPO/DPO).
3. Proven experience in compliance and data security management.
4. Deep understanding of relevant regulations (POPIA, GDPR, ISO, etc.).
5. Experience with security risk assessments and vulnerability scanning.
6. Knowledge of security technologies and best practices.
7. Strong analytical and problem-solving skills.
8. Excellent communication and interpersonal skills.
9. Ability to work independently and as part of a team.
10. Experience with data governance frameworks.
11. Experience with cloud security.

Desired Attributes

1. Proactive and detail-oriented.
2. Strong ethical principles.
3. Ability to manage multiple priorities.