Lead Information Security initiatives at Starling, the UK's leading digital bank. Manage policy frameworks, team performance, and ensure compliance with security standards.
About the role
- Sr Information Security Compliance & Audit Analyst supporting ISO27001 compliance and audit activities. Manage IT compliance activities across North and Central America at Ingram Micro.
Responsibilities
- Manage and Support IT compliance activities for regional information security support of ISO27001 auditing, reporting and remediation where appropriate
- Coordinate and communicate IT compliance activities to align with Global Information Security leadership in support and improvement of ISO27001 management system
- Ensure regional Information Security compliance to Information security standards (ISO27001) requirements
- Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach
- Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures
- Execute operational activities to support IS audit and compliance activities including technical validation processes
- Execute collection of evidence to support compliance status
- Provide and present reporting including monthly metric delivery
- Manage escalation and enforcement for unresolved noncompliance issues
- Manage and Support External Audit activities and reporting
- Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives
- Support compliance and security validation of all 3rd party IT providers
- Maintain strong working relationships with internal and external support teams including Global, Regional and Country Information Security associates
- Work on special projects as required by management
- Stay abreast of changes within the Information Security compliance areas including business change requirements and regulatory changes from an international perspective
- Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations
- Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements
Requirements
- Bachelor’s degree in computer science, engineering, or related science and math discipline with an information security or business emphasis
- A minimum of 5 years of experience with IS compliance projects (specifically ISO27001)
- Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption
- Strong understanding of TCP/ IP and other network protocols
- Understanding of the basic audit best practices, standards and methodologies
- Ability to formulate detailed technical documentation preferred
- ASQ Certified Engineer, Auditor or OE Managers preferred
- Experience using SharePoint, MS Excel, Word, PowerPoint and Visio
- Must possess a valid passport and be legally allowed to leave and return to originating country.
Benefits
- Healthcare benefits
- Paid time off
- Parental leave
- 401(k) plan and company match
- Short-term and long-term disability coverage
- Basic life insurance
- Wellbeing benefits
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Technical Operator handling ticket resolution and IT troubleshooting in a structured team environment for Managed Security Services. Interfacing with varied technical tools to support international clients.
Support Health, Safety, and Security processes at East West Rail. Coordinate training, manage budgets, and ensure compliance with regulatory standards.
AI Security Engineer focusing on adversarial machine learning and enterprise security architecture. Leading red team engagements and translating technical risk into governance frameworks.
AI Security Architect leading adversarial testing for enterprise AI products, integrating security findings into governance frameworks. Collaborating with engineering and compliance functions in a hybrid work environment.
Leading GRC & IT Security Consulting at Orange Cyberdefense in Zürich. Drive business growth and manage client relationships while leading a technical consulting team.
Senior Endpoint Security Engineer at Metric5 managing CrowdStrike Falcon deployment for Department of Treasury. Overseeing sensors rollout and resolving high - tier architectural issues in diverse IT environments.
Cybersecurity Sales Specialist responsible for driving sales across Fortune 250 accounts. Engage with C - suite leaders to enhance cybersecurity solutions and strategies across global enterprises.
Sales Specialist for Data Security driving growth in Public Sector and MidMarket teams at Proofpoint. Partnering with core sales reps and delivering value in Data Security portfolio.
Principal Product and Process Security Certification Expert at NXP driving security evaluation and certification for embedded products. Responsible for compliance with cybersecurity standards and certifications in emerging markets.