What are the responsibilities and job description for the Information Security Compliance Specialist position at Securiport?
Job Summary: The Information Security Compliance Specialist is responsible for identifying risks and ensuring the organization remains compliant with industry standards, relevant laws, and regulations. This role is instrumental in maintaining ISO 27001 and ISO 27701 certifications, as well as achieving and sustaining compliance with NIST 800-171. The Compliance Specialist will streamline audits, maintain certifications, and develop policies to uphold data security commitments. This position requires strong attention to detail, knowledge of compliance frameworks, and the ability to work collaboratively across departments.
Essential Functions
· Ensure ongoing compliance with ISO 27001, ISO 27701, GDPR and NIST 800-171 requirements.
· Develop, implement, and update security policies and procedures to meet regulatory and industry compliance standards.
· Coordinate and support internal and external security audits, including audit preparation and response.
· Conduct risk assessments to identify compliance gaps and recommend corrective actions.
· Monitor changes in regulations and industry standards to ensure continued compliance.
· Collaborate with IT and security teams to align compliance initiatives with security operations.
· Provide training and guidance to employees on security policies and best practices.
· Maintain compliance documentation and ensure proper record-keeping for audits and assessments.
· Act as a liaison with auditors, regulators, and third-party assessors regarding security compliance matters.
· Assist in incident response efforts to ensure compliance with reporting and documentation requirements.
Required Knowledge, Skills, Abilities
· Strong understanding of ISO 27001, ISO 27701, and NIST 800-171 compliance requirements.
· Experience conducting risk assessments and implementing security controls.
· Knowledge of cybersecurity frameworks, regulatory standards, and industry best practices.
· Ability to develop and document security policies, procedures, and controls.
· Strong analytical skills to evaluate compliance risks with the ability to work across departments to meet compliance goals and recommend mitigation strategies.
· Excellent organizational and project management skills to track and manage compliance initiatives.
· Effective communication skills to provide training and collaborate with cross-functional teams.
· Familiarity with security tools and technologies that support compliance efforts.
Required Education, Certifications/Licenses, Related Experience
· Bachelor's degree in Information Security, Cybersecurity, Compliance, or a related field (or equivalent experience).
· Experience with the ISO 27001, ISO 27701, NIST 800-171, and GDPR frameworks.
· Industry certifications such as CISA, CISM, CISSP, or ISO 27001.
· Minimum of 3 years of experience in information security compliance, risk management, audit, or related field.
· In lieu of degree, a total of 8 years of experience in related field (in addition to the management experience required) will meet the education and related experience requirements listed above.
Physical Job Requirements
· Ability to work in an office environment with extended periods of desk work.
· May require occasional lifting of equipment or documentation materials.
· Ability to respond to compliance-related inquiries outside of regular business hours if needed.
Travel Requirements
· Occasional travel may be required for training, conferences, or collaboration with remote teams.
· Anticipated travel will be by car, air, and/or train.
Securiport is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Securiport is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor's EEO poster and EEO poster supplement for additional information.
Disclaimer: Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. The above statements are intended to describe the general nature and level of work being performed by people assigned to this position at the time this job description was written. They are not intended to be an exhaustive list of all duties, responsibilities and skills required of personnel so classified. This document does not create an employment contract, implied or otherwise, and all employees in this position are employed “at-will.”