Certification Management & Audit Coordination:

• Lead and manage certification processes such as ISO 27001, PCI DSS, and for the licenses that we hold.
• Organize and coordinate internal and external audits, ensuring compliance and facilitating smooth audit processes.
• Collaborate with external auditors and certification bodies to prepare necessary documentation and evidence for audits.
• Track audit findings, manage remediation efforts, and provide follow-up to ensure corrective actions are implemented effectively.

Risk Assessment & Mitigation:

• Assist in risk assessments to identify issues across systems, processes, and business operations.
• Recommend risk mitigation strategies tailored to specific organizational needs.
• Maintain a risk register and work with cross-functional teams to monitor and update risk statuses.
• Provide insights and risk-based recommendations during project reviews and strategic planning sessions.

Policy Development & Documentation:

• Assist in the creation, review, and revision of security policies, procedures, and control frameworks to ensure compliance with regulatory standards.
• Document and maintain a detailed inventory of controls, processes, and compliance requirements.
• Develop training materials and deliver presentations to staff on compliance best practices and emerging risk topics.

Compliance Monitoring & Reporting:

• Stay informed about evolving regulations, industry trends, and emerging threats, translating these into actionable insights for the organization.
• Implement and maintain compliance monitoring mechanisms to track adherence to internal policies and external regulations.
• Prepare detailed reports for senior management, outlining compliance status, audit outcomes, and risk trends.
• Facilitate regular compliance reviews and update stakeholders on progress and improvements.

Cross-Functional Collaboration & Stakeholder Engagement:

• Serve as a key liaison between IT, legal, operations, and business units to ensure integrated risk management and compliance strategies.
• Support business units in interpreting and implementing regulatory requirements into everyday operations.
• Participate in planning and management to incorporate compliance considerations.
• Support during regulatory inquiries or security incidents.