Key Responsibilities: Lead External Certifications: Manage full lifecycle of third-party audits and certifications for ISO 27001, ISO 42001, ISO 27701, and PCI DSS. Client & Internal Audits: Act as the primary lead for client security audits and questionnaires, and plan/executing internal compliance assessments. Audit Remediation: Coordinate with teams to address findings, track non-conformities, and ensure evidence of remediation. Framework Development: Define, implement, and mature the organization's Risk Management Framework to mitigate security risks. Policy Lifecycle Management: Review, draft, and enhance company-wide security policies, procedures, and standards. Continuous Improvement: Identify governance gaps and recommend strategic security improvements. GRC Tool Administration: Implement and optimize GRC tools to streamline compliance workflows and evidence collection. Unified Control Framework (UCF): Map controls across multiple standards (ISO, PCI, NIST, HIPAA) for efficienc...