Information Security Compliance and Risk Specialist (QU-SCR-20250718)

Celara / Contract / Remote
We are seeking an enthusiastic Information Security Compliance and Risk Analyst ready to join a talented, hard-working, and ambitious Infosec team.

What you’ll do here

    • As a key contributor to our security and compliance initiatives, you will apply a deep understanding of risk management principles and a strong command of global privacy regulations.

    • You’ll bring hands-on experience in designing, implementing, and auditing comprehensive compliance programs aligned with leading industry standards, including PCI DSS, SOC 2, ISO 27001/27002, and the NIST Cybersecurity Framework.

In this role, you will work cross-functionally with internal stakeholders to enhance the organization’s security posture, ensure adherence to data protection requirements, and drive ongoing improvements in response to evolving regulatory and industry demands.

Responsibilities

    • Support the development, implementation, and enforcement of information security policies, standards, procedures, and controls to meet legal, regulatory, and contractual obligations.
    • Assist in evaluating the organization’s existing IT architecture against applicable security frameworks (e.g., NIST CSF, NIST 800-53) to ensure compliance and identify areas for enhancement.
    • Oversee and support the implementation of compliance controls and operational processes aligned with recognized security frameworks and best practices.
    • Plan and execute regular internal audits to ensure ongoing compliance with key security standards such as PCI DSS, SOC 2, and ISO/IEC 27001.
    • Enhance and maintain a comprehensive Risk Management and Incident Response framework to ensure effective identification, mitigation, and response to security threats.
    • Conduct audits and assessments to validate adherence to data protection policies and ensure alignment with global privacy and data protection regulations.
    • Design and deliver privacy and security training programs, including awareness campaigns to foster a security-conscious culture across the organization.
    • Monitor regulatory developments and maintain compliance with evolving privacy laws, including but not limited to CCPA, GDPR, PIPEDA (Canada), and LFPDPPP (Mexico).

Experience We’re Looking For

    • Bachelor's degree in Information Security, Computer Science, or a related field.
    • Minimum of 3-5 years of experience in Information Security, with a focus on GRC, PCI DSS, SOC 2, ISO 27001, and privacy regulations.
    • Knowledge in privacy regulations and data protection laws in the USA (e.g., CCPA, Texas Act), Canada (e.g., PIPEDA), and Mexico (e.g., LFPDPPP).
    • Experience with risk management practices, security audits, and compliance frameworks, including but not limited to NIST, OWASP, SANS, ISO-27001/2, and Cloud Security Alliance.
    • Strong attention to detail and the ability to work independently.
    • Excellent problem-solving skills with a proactive attitude toward risk mitigation.
    • Strong ethical standards and commitment to data security and privacy.

Nice to have

    • General knowledge of cloud environments.
    • Experience working with Governance Risk and Compliance technologies.
    • Experience implementing Data Privacy Technologies.
    • Certifications such as CISA, ITIL Expert, Certified Governance Risk and Compliance (CGRC).