Compliance Associate

Responsibilities:

• Quality ISO9001 SOP/ Policies creation and update
• ISO Management- ISO document handling and ISO SPOC training, MRM
• Must have experience of Internal and External ISO Audits
• Involve in periodic Client Audits
• Initiate periodic Vendor Audits and prepare reports and follow ups for closure.
• Tasked with everything from developing company policies, creating metrics to help track compliance and performing compliance audits.
• Responsible for analysing the gaps, designing, and implementing the strategies to maintain internal and external compliances, security and privacy both, as per the overall business requirements
• Manage the client/ prospective client queries/ requirements to understand the IT security and privacy framework of the organization and head the audits conducted by the clients or external organizations
• Enabling organization in setting up global footprint while complying with policies and procedures governed by the local law.
• This involves creation, review, update Policy, Procedures and getting the approval.
• Ensuring policies are in line with compliances agreed with customers and applicable laws.
• Driving compliance to defined Policies and Procedures.
• Conducting proactive Risk Assessment & work on addressing open risks.
• Conducting Regular Internal Audits to assess the compliance levels.
• Taking corrective actions to address the findings/opportunities for improvement.
• Working on actions pertaining to client compliance requirements, audits and timely closure of audit observation.
• Working with other functions for implementation of controls and measuring the compliance level.
• Data Analysis and reporting on compliance levels, internal audit results, non-conformities, effectiveness of controls and corrective actions
• Proactive and ongoing monitoring & reporting of applicable law/ required controls as per changing business environment.
• Conducting vendor audits to evaluate the vendor performance and compliance with AuthBridge standards .
• Any other work/improvement projects for compliance, information security/privacy controls as per organization requirement.
• To manager end to end management system certification and implementation of policy and procedures throughout the organization
• Gathering, preparing the data and Facilitating management review meetings

Requirements :

• Min. 2 years experience in Security, Privacy and Regulatory Compliances
• Experience in global standards for IT security and privacy compliances.
• Experience in implementing controls for ISO 27001, 22301, NIST, GDPR, CCPA, HIPPA etc.
• Experience in documenting policies and procedures, templates, flow diagrams.
• Experience in Risk Management, business continuity management and related audits.
• Exposure to Anti-Bribery and Anti-Corruption compliance.