Security Compliance Analyst

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. 

The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States.

It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO) We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world.

What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First.

What can you expect in a Security Compliance Analyst role with TaskUs: 

Think of yourself as someone who provides a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings.

Imagine yourself going to work with one thing on your mind: to manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation.

Key Responsibilities:

• Ensuring Alignment of Security Controls to Client requirements.

• Support  the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with customer requirements.

• Support the management of all enterprise security compliance requirements including PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001.

• You will be expected to assist in the development and maintenance of security operations procedures and processes, as well as work with the business units outside of InfoSec to formally document policies and procedures.

• Must be able to work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements.

• Recommends and supports deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises.

• Work with security engineers for the optimal configuration of network and host-based security platforms in line with compliance requirements.

• Provide Incident Response support as needed in response to information security related events.  In the event of security incident response, participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.

• Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. 

• Performs other duties as assigned. 

Preferred Qualifications: 

• At least 5 years experience, two of which are focused on IT security and/or IT audit

• In-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001

• Must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms

• Has a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks

• Previous background working on system hardening processes, tools, guidelines and benchmarks

• Experience in DLP policy and vulnerability management scanning platforms

• Experience in Cloud Access Security Broker solutions is a distinct advantage

• Has knowledge of Business Continuity Management (BCM) and Business Impact Analysis (BIA) 

• Has good Project Management skills with the ability to self-start projects

• Can handle sensitive and/or confidential material and information with suitable discretion

Education / Certifications:

• Bachelor's degree in MIS/Computer Science or Business and/or combination of education and relevant experience

• Must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH.

How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs.

DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know.

We invite you to explore all TaskUs career opportunities and apply through the provided URL