• Evaluate organizational compliance with standards and regulations, including PCI-DSS, PCI-3DS, ISO 27001, ISO 27701, SOC 2 Type 2, and applicable local regulation’s requirements.
• Assess internal controls, identify risks, and prepare detailed audit and compliance reports.
• Conduct IT risk assessments, document findings, recommend improvements, and collect evidence for external audits.
• Collaborate with business process and control owners to design and implement remediation plans.
• Coordinate effectively with internal stakeholders and external auditors to ensure alignment and compliance.
• Support the preparation and maintenance of business documents, policies, and compliance questionnaires.

Requirements

• Professional certification(s) such as CISSP, CISM, CISA, CRISC, CIPP, or equivalent expertise in data security, privacy laws, and compliance program management.
• Strong ability to work indepe...