AdTechTalent
Other | 19 months ago | On-site

Epsilon

Senior Cyber Security Risk and Compliance Analyst

SOC audits, SOC 1, SOC 2, SOC 3, HIPAA, PCI, ISO 27001, AICPA Trust Services Criteria, security risk, audit, compliance, risk management, project management

Key details

Salary: Not specified

Employment type: Full-time

Seniority: Mid-level

Years experience: 5-10

Location: Bengaluru, India

Full job description

Manage SOC 1, 2 & 3 audit preparatory processes and related activities including internal and IT controls testing. Act as a security advisor identifying gaps and recommending solutions. Facilitate external audits (SOC 1, 2, 3, HIPAA, PCI, ISO 27001). Manage risk acceptance requests and perform security risk evaluations. Improve operational efficiency and internal control effectiveness. Oversee audit activities ensuring compliance with timelines and standards. Collaborate cross-functionally and with external auditors. Provide technical expertise and training. Communicate audit results to stakeholders and senior management. Participate in business unit meetings on audit scope and progress. Engage with senior management on business risks and audit plans. Communicate with regulators and risk committees for continuous monitoring. Requires 5-10 years experience with minimum 2-3 years in SOC audits, knowledge of compliance frameworks, strong project management, leadership, analytical, and communication skills.

What you'll do

  • Manage the Organization’s SOC 1, 2 & 3 audits’ preparatory processes and oversee related activities
  • Manage a body of testing pertaining to the company’s internal and IT controls
  • Act as a Trusted Security Advisor to the organization, identifying gaps, providing recommended solutions and evaluating them
  • Facilitate external audits including SOC 1, 2, 3 and compliance requirements such as HIPAA, PCI, ISO 27001
  • Manage submission of risk acceptance requests including review, analysis, scoring, development of mitigating controls and renewal review
  • Perform security risk evaluations including identification of key controls, drafting audit program and executing evaluation
  • Provide input to improve operational efficiency and/or enhance design or operating effectiveness of internal control environment
  • Oversee all audit activities relating to SOC 1, 2 & 3 audits ensuring work and deliverables meet timeframes and standards
  • Partner cross-functionally and with external auditors to understand processes and communicate status
  • Provide technical expertise and training to direct reports, department and internal partners
  • Communicate test and audit results and analysis to stakeholders and senior management in a timely manner
  • Participate in meetings with business units to discuss test and audit scoping, progress and results
  • Interact with senior management to understand business risks, changes and events impacting audit plan
  • Communicate with regulators, external auditors and risk management committees as part of continuous monitoring

Requirements

  • Overall experience of 5-10 years, with a minimum of 2-3 years handling SOC audits
  • Understanding of compliance frameworks such as PCI, ISO 27001, AICPA Trust Services Criteria, HIPAA, etc.
  • Audit firm/Big 4 experience preferred
  • Able to coordinate with other departments regarding various external audits and other security-related matters
  • Ability to review, assess and evaluate security risk
  • Ability to project manage, aligning to audit timelines and developing milestones
  • Strong leadership, analytical and organizational skills
  • Strong project management skills
  • Strong communication (both verbal and written) skills
