Cloud Security Compliance Specialist

Job Description:

We are seeking a seasoned Cloud Security Compliance Specialist to join our team. As a key member of our compliance department, you will be responsible for leading and executing audits focused on cloud environments, cybersecurity, and technical controls. This role assesses compliance with frameworks such as NIST, ISO 27000 series, and data privacy regulations, and identifies risks and recommends improvements.

About the Role:

• Lead and execute internal audits to evaluate the effectiveness of security controls, technical configurations, and security practices across our systems, infrastructure, and applications.
• Perform comprehensive risk assessments to identify potential threats and vulnerabilities across cloud environments, infrastructure, and systems, and recommend risk mitigation strategies.
• Review and assess internal security policies and procedures to ensure they are current, comprehensive, and aligned with regulatory requirements, internal governance standards, and applicable contractual obligations.
• Evaluate our organization's compliance with regulatory and industry frameworks, including NIST, ISO 27000 series, GDPR, HIPAA, PCI DSS, and SOC 2, and identify gaps and recommending corrective actions.
• Plan and execute audits end-to-end, including defining objectives and scope, developing audit programs, conducting interviews, collecting technical evidence, and documenting findings.
• Prepare and deliver comprehensive audit reports that communicate findings, control weaknesses, and actionable recommendations for remediation to stakeholders and senior management.
• Collaborate with cross-functional teams across the business to support remediation of audit findings and drive continuous improvement initiatives related to security and compliance.
• Provide subject matter expertise and guidance on security risks, controls, and compliance requirements to internal teams.
• Maintain a strong understanding of evolving security threats, regulatory changes, and best practices to maintain a forward-looking audit program that supports a secure and compliant environment.
• Contribute to the development of audit programs, processes, working templates, and best practices in a growing internal audit team.

Requirements:

• Bachelor's or higher degree in Information Systems, Computer Science, Cybersecurity, or related field.
• 3-5 years of experience in technology auditing, IT risk and compliance, or information security, with strong exposure to cloud environments and technical controls.
• Deep understanding of cloud computing models (e.g., SaaS) and the related control requirements.
• Proven experience auditing or implementing controls aligned with NIST, ISO 27001, SOC 2, PCI DSS, GDPR, HIPAA, or similar standards.
• Demonstrated ability to plan, lead, and execute complex audits with minimal supervision.
• Familiarity with IT infrastructure, security tools, access controls, and data protection technologies.
• Excellent written and verbal communication skills, with the ability to present technical findings to both technical and non-technical audiences.
• Requires strong organizational skills and the ability to manage multiple projects effectively in a fully remote work environment.
• Preferred professional certifications such as CISA, CISSP, or equivalent.
• Seeking a proactive, self-directed professional with a proven ability to shape and elevate a high-performing internal audit function.

Benefits:

• Annual merit increase based on performance
• 15% night shift differential pay
• Paid Leave with Cash Conversion
• HMO with free dependents
• Retirement Plan
• Life Insurance
• Internet and meal allowance while on work from home setup
• Employee Assistance Program for mental and social well-being
• Government-mandated benefits

About Us:

We value diversity and are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we are. We are an equal opportunity employer.