Back to Jobs
Lead Compliance Specialist
Actively Reviewing
TAC Security
Job Description
Position Summary
We are seeking a highly motivated and experienced Lead Compliance Specialist to lead and strengthen our organization's compliance framework. The ideal candidate will have extensive experience in information security compliance, regulatory requirements, audit management, and governance practices. This role will work closely with internal stakeholders, customers, auditors, and leadership to ensure compliance with global standards and continuously improve the organization's security and compliance posture.
Key Responsibilities
- Lead the implementation, maintenance, and continuous improvement of the organization's compliance programs.
- Manage compliance with international standards and regulatory frameworks, including:
- ISO/IEC 27001
- SOC 2 Type II
- GDPR
- HIPAA
- PCI DSS
- NIST Cybersecurity Framework
- ISO 27701 (preferred)
- Plan, coordinate, and manage internal and external compliance audits.
- Develop, review, and maintain information security policies, standards, procedures, and control documentation.
- Conduct risk assessments, gap analyses, and remediation tracking.
- Partner with engineering, IT, HR, Legal, Product, and Operations teams to implement and monitor security controls.
- Drive customer security assessments, compliance questionnaires, and due diligence activities.
- Monitor changes in regulatory and cybersecurity requirements and recommend necessary updates.
- Manage evidence collection and documentation for audits and certifications.
- Lead vendor and third-party security compliance assessments.
- Establish compliance metrics, dashboards, and executive reporting.
- Mentor and guide junior compliance professionals while promoting a strong culture of security and compliance.
- Support security awareness initiatives and compliance training across the organization.
- Collaborate with leadership to align compliance initiatives with business objectives.
Required Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 6–10+ years of experience in Information Security, Governance, Risk & Compliance (GRC), or Cybersecurity Compliance.
- Strong understanding of information security principles and risk management.
- Hands-on experience managing ISO 27001 and SOC 2 compliance programs.
- Experience with regulatory frameworks such as GDPR, HIPAA, PCI DSS, and NIST.
- Experience leading compliance audits from planning through successful certification.
- Excellent documentation, communication, and stakeholder management skills.
- Strong analytical and problem-solving abilities.
- Experience working with cloud security environments (AWS, Azure, or GCP) is preferred.
Preferred Certifications
- ISO/IEC 27001 Lead Implementer
- ISO/IEC 27001 Lead Auditor
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Privacy Professional (CIPP)
- CCSK or CCSP (preferred)
Technical Skills
- Governance, Risk & Compliance (GRC)
- Security Audits & Assessments
- Risk Management
- Internal Controls
- Policy Development
- Vendor Risk Management
- Security Questionnaires
- Compliance Documentation
- Audit Readiness
- Cloud Security Compliance
- Regulatory Compliance
- Security Awareness Programs
Required Skills
Similar Jobs
View all →
Infrastructure & IT Security Engineer
ISECURION
Bengaluru
ISO 27001
Security Compliance
ISO 9001
+8
Product Security Engineer
FPL Technologies
Pune
Security Compliance
ISO 27001
ISO 9001
+5
Senior Analyst, Cyber Security Operations
LPL Financial Global Capability Center
Hyderabad
Security Compliance
ISO 27001
Data Analysis
+8
Cyber Security Analyst (Boston)
Lendbuzz
Security Compliance
ISO 27001
ISO 9001
+2
Cybersecurity Engineer
Correla
ISO 27001
Root Cause Analysis
ISO 9001
+4
Share
Quick Apply
Upload your resume to apply for this position
–