Job Description
The Compliance Engineer is responsible for designing, implementing, and maintaining security compliance frameworks to ensure the organization meets regulatory, legal, and internal security requirements. This role bridges technical security controls and governance requirements, working closely with IT, Security Operations, Risk Management, and business units.
Key Responsibilities:
* Design, implement, and maintain information security compliance programs aligned with standards such as ISO/IEC 27001, ISO 22301, NIST, CIS Controls, and applicable local regulations.
* Translate compliance and regulatory requirements into technical and operational security controls.
* Support security risk assessments, gap analyses, and internal audits.
* Coordinate and support external audits (certification, regulatory, customer audits).
* Monitor compliance status and track remediation of non-conformities and audit findings.
* Work with Security Operations and IT teams to ensure controls are properly implemented and documented.
* Maintain compliance evidence, metrics, and dashboards for management reporting.
* Participate in incident response activities to ensure regulatory and compliance requirements are met.
* Stay updated on emerging regulations, standards, and best practices in information security compliance.
* Provide security compliance guidance and awareness to technical and non-technical stakeholders.
Technical & Compliance Skills:
* Risk assessment, Policy development, Audit management
* Familiarity with security tools (SIEM, vulnerability management, IAM, endpoint security) from a compliance perspective.
Employment Type
- Full Time
Job Category
Educations
Seniority
Details
Employment type
- Full Time
Job Category
Educations
Seniority
