Information Security Compliance and Risk Specialist

16 hours ago


Qu POS

Restaurant & Hospitality Point of Sale • Restaurant Analytics • Restaurant Software • Fast Casual • Quick Service Restaurants

Description

• Manage and assess the effectiveness of the organization's information security governance framework.
• Support the development, maintenance, and enforcement of security policies, procedures, and controls to meet regulatory requirements.
• Assist with conducting assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as NIST CSF, NIST 800-53, FBI CJIS CSP, etc.).
• Oversee and support the implementation of PCI DSS/SSF compliance processes, controls, and audits.
• Conduct assessments and audits to ensure ongoing compliance with PCI DSS/SSF, SOC 2 and ISO 27001.
• Support the implementation and maintenance of the ISO 27001 Information Security Management System (ISMS).
• Conduct internal audits and assessments to evaluate compliance with ISO 27001 standards and support certification activities.
• Assist in the development of risk management strategies aligned with ISO 27001 requirements.
• Monitor and ensure compliance with privacy regulations such as CCPA, GDPR (where applicable), PIPEDA (Canada), LFPDPPP (Mexico), and other applicable regulations.
• Conduct audits and assessments to ensure data protection policies comply with regional privacy regulations, and develop and implement privacy training programs and awareness initiatives for employees.

Requirements

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 3-5 years of experience in Information Security, with a focus on GRC, PCI DSS, SOC 2, ISO 27001, and privacy regulations.
• Expertise in privacy regulations and data protection laws in the USA (e.g., CCPA, Texas Act), Canada (e.g., PIPEDA), and Mexico (e.g., LFPDPPP).
• Experience with risk management practices, security audits, and compliance frameworks, including but not limited to NIST, OWASP, SANS, ISO-27001/2, and Cloud Security Alliance.
• Strong attention to detail and the ability to work independently.
• Excellent problem-solving skills with a proactive attitude toward risk mitigation.
• Strong ethical standards and commitment to data security and privacy.
• Nice to have: experience and familiarity with cloud data security and working with public cloud solutions (AWS).
• Experience working with Governance Risk and Compliance technologies.
• Experience implementing Data Privacy Technologies.
• Certifications such as CISA, ITIL Expert, Certified Governance Risk and Compliance (CGRC).


