Manager (IT) Compliance & Audit
ZS IT Governance, Risk & Compliance (GRC) team
Information Security, Privacy, and Environmental, Social & Governance (ESG)
independent assurance
Additionally, the GRC team fosters continuous improvement, not only by responding to evolving regulations but by driving proactive initiatives that embed a culture of compliance and risk awareness throughout ZS operations. This holistic approach helps safeguard ZS assets, data, and relationships in a fast-paced and increasingly interconnected business environment.
Manager, IT Compliance & Audit
Key Responsibilities:
Compliance & Audit Management:
- Lead and manage the implementation, maintenance, and certification processes for ISO 27001, 27701, 27017, HITRUST, SOC 2, SOC 3, and similar standards.
- Oversee and manage internal and external audits, identifying gaps, and ensuring timely closure of audit findings.
- Collaborate with cross-functional teams, including IT, security, legal, and risk management, to ensure alignment on security compliance initiatives.
- Drive continuous improvement initiatives to enhance compliance posture, developing and enforcing security policies, procedures, and controls.
Stakeholder Collaboration & Communication:
- Act as the primary liaison between teams and external auditors, certification bodies, and regulators.
- Build and maintain strong working relationships with key stakeholders, including the CISO, CRO, DPO, Head of Cloud Engineering, IT, and legal teams, to ensure compliance objectives are met.
- Provide expert advice on compliance issues and support various departments with technical and policy-driven .
People Management & Leadership:
- Lead, mentor, and develop a team of professionals, fostering a high-performance culture.
- Manage team workload, project , and career development, ensuring that the team is up-to-date with industry standards and compliance practices.
- Oversee team training programs to ensure knowledge sharing and skills development in compliance and audit.
Project Management & Reporting:
- Lead compliance projects, including forecasting, resource planning, and reporting progress to leadership committees.
- Develop project timelines, track progress, and ensure timely delivery of compliance and audit activities.
- Provide regular reports and updates to management, including dashboards and key performance indicators (KPIs) to assess the organization's compliance and risk posture.
- Collaborate with internal teams to ensure smooth integration of compliance requirements into new and existing technologies, including AI, cloud services, and data privacy technologies.
Strategic Planning & Operational Compliance:
- Contribute to the development of the organization's broader compliance strategy, aligning with industry trends and emerging regulations.
- Proactively identify potential risks and vulnerabilities and develop risk mitigation strategies.
- Lead operational compliance efforts across various functions, ensuring comprehensive coverage of security, privacy, and data protection requirements.
Qualifications & Experience:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master's degree or MBA is preferred.
- Minimum 10-12 years of experience in IT compliance, audit, and information security, with specific experience managing ISO 27001, ISO 27701, ISO 27017, HITRUST, SOC 2, SOC 3, and related certifications.
- Proven track record of managing compliance programs and leading audits across large, complex organizations.
- Strong leadership and people management experience, with a demonstrated ability to lead, develop, and motivate high-performing teams.
- Excellent project management skills with the ability to manage budgets, forecasts, timelines, and complex stakeholder requirements.
- Deep understanding of cloud security (Azure, AWS, GCP) and privacy standards, with experience working with cloud engineering and DevSecOps teams.
- Strong problem-solving skills with the ability to influence and engage with C-level executives and senior stakeholders.
Certifications (Preferred):
- CISA (Certified Information Systems Auditor)
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- ISO 27001 Lead Auditor/Lead Implementer
- HITRUST Certified CSF Practitioner
- Certified Cloud Security Professional (CCSP)
- PMP (Project Management Professional) or equivalent certification
Skills:
- Strong technical knowledge in information security standards and frameworks.
- Exceptional communication and presentation skills, with the ability to articulate complex compliance issues to technical and non-technical audiences.
- Experience with AI and its implications for compliance, security, and data privacy will be an advantage.
- Proficiency in GRC (Governance, Risk, and Compliance) tools and software.
Why Join Us?
ZS is a global consulting firm; fluency in English is required. Candidates must possess work authorization for their intended country of employment. An on-line application, including a cover letter expressing interest and a full set of transcripts (official or unofficial), is required to be considered.
ZS offers a competitive compensation package with salary and bonus incentives, plus an attractive benefits package.
- Opportunity to lead and shape the compliance landscape of a forward-thinking organization.
- Work with cutting-edge technologies in a collaborative, dynamic environment.
- Competitive compensation and benefits package.