Information Security Compliance Manager

Ledgent Technology is seeking an

• Team with the CIO to manage the implementation of the Information Security Management System and General Compliance Program
• Enforce policies/procedures with emphasis on SOC 2 Type II, HITRUST, and PCI-DSS
• Comprehend, develop, and provide meaningful reports on the ISMS state and adherence to frameworks and standards
• Guide the escalation and resolution of risk and compliance issues with appropriate stakeholders
• Aid the Sales team in responding to RFPs and security questionnaires; maintain a library of security and compliance RFP responses
• Schedule, execute, and support internal audits as part of the ISMS
• Gather evidence required by external auditors
• Partake in internal and external audits and guide/translate between auditor and personnel
• Conduct client-vendor assessments
• Record, analyze, and document cybersecurity compliance issues and incidents, where necessary
• Partake in security incident response and corrective action planning
• Gather, research, and prepare reports required by senior management
• Operate, execute, and maintain the ISMS
• Coordinate BCP/DR teams and preparedness
• Complete internal security risk assessments
• Enforce training programs
• Conduct Vendor Risk Assessments
• Team with HR Director to verify adherence with onboardings and terminations

• Degree in related field
• Five years of related experience in security and compliance
• Maintain a security certification in at least one of the following: CISM, CISSP, CISA
• Solid verbal and written communication skills in English
• Capability to work in a fast-paced environment and the skills to deal with ambiguity
• Knowledge of IT governance, risk, and compliance management
• Understanding writing policies, procedures, and controls in one or more standards/frameworks
• Background working with security teams performing vulnerability scanning and PEN testing
• Familiarity with network security methodologies and in-depth defense strategies