The Compliance Specialist is responsible for advocating, standardizing, documenting, and monitoring compliance through the organization's security tools and platforms, controls, policies, standards,and procedures. In this role, you will be working with the GPL program teams and senior leadership to achieve and maintain program SOW adherence, governance, and other regulatory framework requirements such as GDPR, TISAX & CCPA and industry certifications (namely but not limited to SOC2, ISO 27001, ISO 9001, ISO 22301).
You will also be responsible for driving our current compliance efforts to ensure the timely completion of all audits and standardise and accelerate the management of audits to avoid gaps and duplication of effort. This includes managing the external & internal audit plans, updating existing controls, assisting in maintaining certifications and participating in mapping to future certifications.
Key Responsibilities:
Develop and own a plan to drive SOW adherence and remediation steps, and develop and provide internal stakeholder training on SOW compliance policies, SLAs, and reporting practices.
Ensure that every customer/3rd party audit is a zero-issue audit, meaning that the organization is 100% compliant with customer SOWs.
Import, manage, and standardize audits across the organization using the organization's tools and systems with the goal of reducing duplication and improving audit efficiency and accuracy.
Work with all business functions to understand all compliance requirements, develop and maintain compliance roadmap & strategy
Develop and maintain compliance documentation, policies, guidelines, frameworks,standards, and procedures.
Communicate policies and procedures to stakeholders inside the company.
Support in the implementation of compliance & security standards, regulations, and best practices for the organization namely but not limited to SOC2, ISO 27001, CCPA, and GDPR as necessary.Support global compliance & security awareness strategy and programs fostering a culture where compliance & security is everyone's responsibility.
Ensure compliance with critical controls on a regular basis.
Own audit activities with external and internal auditors and coordinate with internal teams to respond to all inquiries. This could be audited for client requirements, ISO standards, and any other applicable audit requirements.
Assist with the facilitation of certifications which include, but are not limited to, ISO 9001,BCP, and ISO 27001.
Define team-level SLA requirements to meet business needs according to the SOW.
Identifying gaps with controls assigned to the organizations teams.
Assist in determining whether supplied artifact(s) by teams meets SOC, CCPA, ISO,GDPR & client SOW requirements.
Minimum Qualifications:
Bachelor's Degree in finance or business-related field
2-3 years of experience in a compliance role and or security auditing role
Knowledge of laws, legal codes, procedures, and other relevant regulatory standards.
Strong analytical, investigative and critical thinking skills.
Excellent verbal and written communication skills.
Documenting and reporting skills.
Attention to detail.