Job Specifications
We are looking for a Compliance Assessor with 2–5 years of hands-on experience performing end-to-end security assessments across a variety of security standards and frameworks. The role involves conducting comprehensive assessment of applications, networks, and infrastructure, identifying exploitable weaknesses, and delivering clear, actionable remediation guidance to stakeholders at all levels.
Responsibilities:
Perform security and privacy compliance assessments to confirm solution compliance with different industry and government standards and frameworks
Prepare compliance documentation such as security plans, plan of action and milestones, security roadmaps, policies, standards, and procedures
Support documentation delivery, evidence collection, and remediation reporting for client or third-party audits and assessments
Collaborate with stakeholders to collect and analyze evidence required to demonstrate compliance with standards. Conduct interviews with stakeholders to gather information and assess the security and privacy posture of an organization and its systems
Make implementation recommendations for new processes, solutions, or updates to existing solutions/processes that support adherence to industry standards and enhance an organization’s security posture
Support the process of obtaining necessary approvals for cybersecurity artifacts (e.g., security plans, roadmap)
Automate security and privacy compliance assessments with GRC solutions
Qualifications:
Bachelor's degree from an accredited college or university in information technology, decision and information sciences, computer science, or related discipline, or equivalent work experience
2 to 3 Years of experience conducting internal or third-party assessments
Understanding of one more cybersecurity domain (e.g., identity and access management, infrastructure/cloud security, applications security)
Experience with controls architecture and design, and testing
Good verbal and written communication skills
Knowledge on NIST SP 800-53, CMS MARS-E 2.2, FedRAMP, HIPAA, PCI, State RAMP, SOC 2 Type II, and other relevant industry and government cyber security compliance standards and frameworks
About the Company
Inspira Enterprise is a global Cybersecurity & Data Analytics & AI services provider with a presence in North America, ASEAN, Middle East, India, and Africa regions. We offer a wide range of services to a host of industries like Banking, Financial Services and Insurance (BFSI), Healthcare, Public Sector, Manufacturing, Information Technology Enabled Services (ITeS) eCommerce, and others. Inspira's cybersecurity services are very extensive ranging from the basic perimeter security to complex incident management and response. ...
Know more