o Help to interpret the relevant, applicable government regulations.
o Work with different teams including Legal, Cybersecurity, Finance, IT Operations, R&D, Products, and other stakeholder teams to coordinate control requirements, reporting and mapping to policy, regulation, and best practice.
o Work with stakeholders to build a plan of actions and milestones, track progress against gaps, and communicate changes or risks to plans in a timely manner.
o Identify, document, and report control deficiencies and associated recommendations for improvements.
o Develop and communicate reports to describe regulatory risks and associated remediation actions.
o Understand current information security regulatory applicability and monitor for upcoming regulatory changes and revisions.
o Support the alignment of the policies and standards to both regulations and best practices.
o Review and challenge work to support compliance with policies, standards, and regulations.
o Evaluate, operate, and maintain tools or artifacts to capture and publish regulatory assessment results.
o Project-manage, design, and implement compliance solutions to stabilize and operationalize responsible program(s).
Requirements:
• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Strong communicator to present to all levels.
• Experience in interpreting regulatory requirements and policies.
• Experience in conducting compliance and gap assessments and designing metrics.
• IT audit experience required.
• Knowledge of NIST SP 800-218 (Secure Software Development Framework), the EU NIS 2 Directive, and the Cyber Resilience Act. Understand what each regulation is.
• Experience in applying security best practices within an SDLC framework.
• Familiarity with various SDLC methodologies (e.g., Agile, Waterfall).
• Experience with security automation tools for SDLC.
• Ability to prioritize tasks, manage deadlines, and work independently.
• Ability to work independently in a fast-paced environment and proactively identify and bridge knowledge gaps.
• Candidates with 5+ years of relevant experience in the above requirements preferred.
• CIA/CISA/CRISC, or CISM preferred.
Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: IT Services and IT Consulting