Security Compliance Analyst / Manager
Hong Kong
Full time
Hybrid
Compensation is not specified
Role
Security Engineer
Description
As a member of our team, you will play a crucial role in our security compliance efforts. Your responsibilities will include assisting in various security compliance programs and certifications, conducting internal assessments and audits, managing compliance gaps, and providing recommendations for remediation. Additionally, you will offer technical guidance to ensure compliance across all business units and contribute to the advancement of automation projects.
Responsibilities
- Support security compliance programs such as ISO27001, ISO27701, PCI-DSS, and SOC 2.
- Engage in internal and external security and privacy assessments, audits, and risk management.
- Respond to internal and third-party inquiries relating to security compliance in a comprehensive and accurate manner.
- Conduct security compliance assessments and oversee remediation actions.
- Develop necessary controls to meet international standards and local regulations.
- Evaluate and enhance technical and organizational controls to ensure compliance effectiveness.
- Identify opportunities for automating control testing and audit preparation through scripting and compliance tools.
- Drive automation initiatives for improved compliance monitoring, evidence gathering, and reporting processes.
Requirements
- Experience in information security compliance, security operations, or technology risk management.
- Knowledge of security control assessments, risk assessments, or security solution implementation.
- Familiarity with ISO27001, ISO27701, SOC 2, PCI DSS, cloud technologies, and data protection regulations.
- Security certifications such as CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, or CIPP/E are advantageous.
- Minimum of 3-5 years of experience in a dynamic work environment; candidates with less experience may be considered for junior roles.
- Previous experience leading compliance initiatives and interacting with auditors and regulators.
- Expertise in compliance automation tools, using scripting, security orchestration, AI, and related technologies.
- Hands-on experience in implementing automated control testing in cloud or hybrid environments.
- Positive attitude, collaborative nature, and a commitment to personal growth.
- Strong analytical skills, attention to detail, and effective communication abilities when conveying complex technical concepts to non-technical stakeholders.
- Prior exposure to project management practices.
Skills Required

Сrypto.com
Website
Сrypto.comCompany size
Not specified
Location
United States
Description
Not specified