Security Compliance and Audit Manager

BC Group

Job title: Security Compliance and Audit Manager

Company: BC Group


Job description:

Role Purpose:
The Compliance and Audit Manager will be responsible for managing and coordinating all cybersecurity compliance efforts and audits, including SOC 2, regulatory requirements, and internal governance. The ideal candidate will work closely with internal and external stakeholders, ensuring our global operations maintain robust cybersecurity practices and meet all required compliance standards.

Key Responsibilities:
1. Cybersecurity Compliance Oversight

  • Develop, implement, and maintain the organization’s cybersecurity compliance framework.
  • Ensure ongoing compliance with SOC 2 and other applicable global regulations and standards.
  • Monitor regulatory changes across jurisdictions and ensure the organization adapts to evolving compliance requirements.
  • Collaborate with internal teams to ensure cybersecurity policies, procedures, and controls are up-to-date and effective.

2. Audit Management

  • Plan, coordinate, and manage multiple audits across global entities, ensuring adherence to deadlines and requirements.
  • Act as the primary point of contact for external auditors, regulators, and certification bodies.
  • Prepare audit documentation, evidence, and reports, ensuring accuracy and completeness.
  • Lead post-audit remediation efforts, ensuring all findings are addressed and resolved in a timely manner.

3. Risk Management and Reporting

  • Identify and assess cybersecurity compliance risks across the organization.
  • Develop and implement mitigation strategies to address compliance risks.
  • Prepare and present detailed compliance and audit reports to relevant stakeholders.
  • Track and report on key compliance metrics and develop dashboards for executive visibility.

4. Policy Development and Enforcement

  • Collaborate with internal teams to develop and enforce security policies, procedures, and standards.
  • Conduct regular reviews of policies and ensure alignment with industry best practices and regulatory requirements.

5. Global Coordination

  • Work collaboratively with teams across different regions to standardize compliance practices and ensure global consistency.
  • Act as a liaison between jurisdictions and the central compliance function to address location-specific requirements.
  • Support new entity onboarding to ensure compliance from day one of operations.

Qualifications and Skills:
Required:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
  • 5+ years of experience in cybersecurity compliance, audit management, or a similar role.
  • Good understanding of SOC 2, ISO 27001 and other global cybersecurity standards and regulations.
  • Proven experience managing external audits and regulatory engagements.
  • Excellent project management skills, with the ability to manage multiple audits simultaneously.
  • Strong analytical skills and attention to detail for audit documentation and reporting.
  • Exceptional communication and interpersonal skills to collaborate with internal teams and external auditors.

Preferred:

  • Professional certifications such as CISA, CISSP, CRISC, or ISO 27001 Lead Auditor.
  • Experience in working with global organizations or in industries with regulatory requirements.
  • Experience with GRC (Governance, Risk, and Compliance) tools or platforms.

Expected salary:

Location: Hong Kong

Job date: Sat, 18 Jan 2025 08:09:45 GMT

To apply for this job please visit jobviewtrack.com.