Back to Jobs
IT Compliance and Security Manager
Actively Reviewing
RGP
Job Description
The IT Compliance & Security Manager is responsible for the integrity of the organization’s cybersecurity framework, regulatory compliance (including SOX), and data privacy programs. This role ensures that our technical systems are secure, our financial reporting controls are airtight, and our data handling practices meet global privacy standards while fostering a security-first culture through comprehensive employee training.
What you will work on
- Privacy Governance: Develop and maintain policies to ensure compliance with global data privacy regulations (e.g., GDPR, CCPA/CPRA, HIPAA).
- Data Mapping: Lead data discovery and classification efforts to identify where sensitive and personal identifiable information (PII) resides.
- Privacy Impact Assessments (PIA): Conduct assessments for new projects or vendors to evaluate risks to individual privacy.
- DSAR Management: Oversee the process for fulfilling Data Subject Access Requests and ensuring "right to be forgotten" protocols are functional.
- Program Development: Design and deploy a mandatory company-wide security and privacy awareness curriculum.
- Phishing Simulations: Execute regular simulated phishing campaigns to test and improve employee vigilance; report on metrics to leadership.
- Targeted Training: Provide specialized training for high-risk groups, such as developers (secure coding) and finance teams (wire fraud/BEC prevention).
- Culture Leadership: Act as the internal champion for security, turning compliance requirements into understandable, everyday best practices for all staff.
- ITGC Management: Design and monitor General IT Controls (GITCs) and Segregation of Duties (SoD) to support SOX 404 requirements.
- Audit Liaison: Lead walkthroughs and evidence collection for internal and external auditors; manage the remediation of any identified control gaps.
- Change Control: Ensure all system changes follow a documented lifecycle of authorization, testing, and approval to maintain the integrity of financial systems.
- Third-Party Risk: Evaluate vendor SOC reports and privacy practices during the procurement process.
- Incident Response: Partner with legal and IT teams to manage security incidents, focusing specifically on data breach notification requirements.
WHAT YOU WILL BRING
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
- 10+ years in IT security, audit, or compliance, with a proven track record in SOX environments and Data Privacy programs.
- Professional certifications such as CISSP, CISM, or CISA.
- Familiarity with GRC platforms, Privacy Management software (e.g., OneTrust), and Learning Management Systems (LMS).
- Exceptional ability to educate non-technical employees on complex security and privacy risks.
Similar Jobs
View all →
Security Risk & Compliance Program Manager
IBM
Bengaluru
Release management
Capacity Planning
Program Management
+2
Information Security Compliance Manager (India)
Tide
Delhi
Adobe Illustrator
Monitoring
Excel
Compliance and Security Specialist L1
Lenovo
Mumbai
Adobe Illustrator
Process Improvement
Monitoring
Microsoft Security and Compliance Manager - L3
SHI Solutions India Pvt. Ltd.
Gurugram
Management
Security Manager
IBIS
Bengaluru
Similar Jobs
View all →
Security Risk & Compliance Program Manager
IBM
Bengaluru
Information Security Compliance Manager (India)
Tide
Delhi
Compliance and Security Specialist L1
Lenovo
Mumbai
Microsoft Security and Compliance Manager - L3
SHI Solutions India Pvt. Ltd.
Gurugram
Security Manager
IBIS
BengaluruShare
Quick Apply
Upload your resume to apply for this position
–