The Compliance Analyst is a member of a cross-functional team that is tasked with ensuring that the company's IT technology and IT operations are in alignment with the applicable regulations, standards, and contractual obligations. As part of this team, the IT Compliance Officer performs internal audits and assessments of IT assets, policies, and processes to validate that they comply with all applicable standards and/or obligations. This role also manages external assessments that are conducted by customers, their partners, and third parties, to demonstrate the company’s alignment with customer security standards and controls.
Responsibilities:
- Audit/assess IT controls to ensure compliance with regulatory, contractual, and internal standards and/or obligations
- Manage compliance assessments across a broad range of programs, including PCI, ISO 27001, HITRUST, and other assurance programs as needed
- Conduct supplier due diligence reviews
- Support IT and business stakeholders to create clear, actionable plans detailing specific deliverables, timelines, and accountability to resolve information security issues
- Track and report outstanding security-related issues
- Facilitate the annual review of compliance policies, processes, and procedures
- Complete daily, weekly, and monthly compliance reports and other scheduled reports as assigned
- Complete quarterly and semi-annual access recertification
- Review and approve production change requests
- Participate in incident response drills and live events to ensure the team follows the defined incident response strategy, policies, and procedures
- Lead the implementation, communication, and training of awareness and compliance programs
- Remain up-to-date on regulatory changes and landscape, best practices and developments in the industry
- Represent and advance a “compliance culture” within the organization
- Provide 7x24 support for critical security issues
- Perform other duties as assigned
Required Work Experience:
- Strong knowledge and 5+ years of experience in PCI DSS, ISO 27001, and HITRUST frameworks
- Strong knowledge and 5+ years of experience in risk management frameworks
- Strong knowledge of Windows operating systems, network technology, mobile technologies, and business applications
- Firm understanding of audit methodologies and developing internal audit deliverables including process flows, work programs, audit reports, and control summaries
- Firm understanding of process areas including service management, change management, problem management, incident management and access management
Professional Competencies:
- Excellent verbal and written communications and presentation skills with the ability to communicate with internal/external customers, suppliers, management etc. in both formal and informal situations
- Ability to forge and maintain positive relationships with auditees to identify opportunities to improve ease of audit and assessment practices
- Ability to research, analyze, and resolve issues stemming from non-compliance
- Ability to learn quickly and adjust to changes in technology
- Results oriented, high energy, self-motivated
- Organized, responsible, and meticulous
- Able to prioritize multiple tasks in a fast-paced environment
Education Requirements:
- BS in information systems, computer science or equivalent with 5+ years of hands-on compliance or IT audit experience in a large, global enterprise environment
- Industry recognized certifications such as CISA, ISO 27001 Lead Auditor, PCI ISA/QSA, HITRUST CCSFP preferred

*Must be willing to work in a hybrid setup, work on night shift or a shifting schedule, and have occasional domestic and international travel.
HCM Nexus has been delivering best fit HR solutions and candidates to our clients since our humble beginnings in December 2012. It has been inspired by our dream of an organization that provides quality recruitment and HR services to clients, while helping job candidates establish and build their careers.

STRONG BUSINESS PARTNERSHIPS, SUCCESSFUL CANDIDATES.
Our commitment to both companies and individuals has strengthened our place in the industry as a fair, reasonable, and reliable service provider. We believe in talent and passion, and that it is possible to find the job where people can be their best. Finding the best fit of solutions and people for your business drives our passion to serve.

TURNKEY SOLUTIONS
Just like a bespoke tailor finds the right materials and determines the proper cut for a great suit, we take the time to diligently analyze the particular needs of our clients in terms of job candidates and HR interventions. Rigorous selection and careful planning ensure that the people we recommend and the services we provide actually resolve organizational problems and help you achieve your business targets.

FUTURE-PROOF FIXES
In terms of HR and business solutions, we create programs that are APPROPRIATE, RELEVANT, and PROPERLY-SCALED to help clients succeed in their current endeavors, but always with an eye to their future horizons. We ensure that proper job matching occurs and that the HR solutions we deliver will cater not only to your present needs but also to possible future issues and developments.

SUITED FOR SUCCESS
HCM Nexus adheres to the principle that proper job matching ensures that both clients and candidates come out of the engagement as winners. For the clients, Success is when they get the best candidate for the position. For the candidates, Success is when they find a job that they love.