6 Cybersecurity Compliance Jobs

# Design & implement data privacy programs, conduct audits, manage compliance with GDPR & global laws, and support ISO 27001/27701 implementation. # Collaborate with clients to enhance privacy frameworks and handle incidents & data subject requests Required Candidate profile # Minimum 3 yrs exp in data privacy/security #Strong knowledge of ISO 27001, 27701, NIST, GDPR, CCPA. #Hands-on with assessments, audits, and ISMS. Preferred: CIPM, CIPT, or CIPP/E.

Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelor s degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Master s) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelor s degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Master s) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelor s degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Master s) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

Job Description: Cybersecurity Compliance Expert Position Overview The Cybersecurity Compliance Expert is responsible for supporting the implementation of controls across various regulatory compliance requirements, managing exceptions to cyber policies, monitoring key performance indicators (KPIs) and key risk indicators (KRIs) for cybersecurity, and supporting internal and external audits. This role is critical in ensuring the organization's cybersecurity posture aligns with regulatory standards and best practices. Key Responsibilities 1. Implementation of Controls Support the implementation of controls to meet various regulatory compliance requirements such as NIS-2, China Cybersecurity Law (CSL), and other relevant regulations. Collaborate with cross-functional teams to ensure compliance controls are effectively integrated into business processes. 2. Policy Exception Management Manage exceptions to cybersecurity policies, ensuring that deviations are documented, justified, and approved according to organizational procedures. Conduct regular reviews of policy exceptions to assess risk and recommend mitigation strategies. 3. Monitoring and Reporting Monitor cybersecurity KPIs and KRIs to track the effectiveness of security measures and identify areas for improvement. Prepare and present regular reports on cybersecurity metrics to senior management and stakeholders. 4. Audit Support Provide support for internal and external audits related to cybersecurity compliance. Coordinate with auditors to provide necessary documentation and evidence of compliance. Assist in the remediation of audit findings and implementation of corrective actions. Qualifications Education: Bachelor's degree in Information Security, Computer Science, or a related field. Experience: Minimum of 5 years of experience in cybersecurity compliance, risk management, or a related area. Certifications: Relevant certifications such as CISSP, CISM, or CISA are preferred. Skills: Strong understanding of regulatory compliance requirements (e.g., NIS-2, China CSL). Excellent analytical and problem-solving skills. Ability to manage multiple tasks and projects simultaneously. Effective communication and interpersonal skills. Proficiency in using cybersecurity tools and technologies. Interested candidates can share their updated resume to rolly.martin@thompsonshr.com

Design and maintain secure, compliant network infrastructure; ensure alignment with cybersecurity standards (e.g., NIST); manage Tier-3 support, remediation, and secure-by-design implementations across business and industrial networks. Required Candidate profile Experienced cybersecurity professional with expertise in network infrastructure, NIST compliance, secure protocols, and risk management. Strong collaborator skilled in Tier-3 support