Global Compliance and Regulatory Security Specialist

If you're seeking a sense of community and the ability for growth, look no further. Since 1982, we have been 100% dedicated to our people. Our approach permits greater ownership for individuals and welcomes input into decisions for a thriving workplace and happy employees. Our people are the core reason for AIS' success. As an employee owned company, we are looking for individuals that are passionate about finding innovative solutions, and excited about emerging technologies and capabilities.

Job Summary:

The Global Compliance and Regulatory Security Specialist will be responsible for mapping our existing control framework (NIST CSF 2.0) to various global regulations. The ideal candidate will have extensive experience in the global compliance and regulatory landscape, a strong understanding of risk management and controls, and a solid background in security. This role will also involve developing and documenting detailed control implementation descriptions to effectively respond to regulatory inquiries.

Key Responsibilities:

• Conduct comprehensive mapping of the existing control framework (NIST CSF 2.0) to global regulatory requirements such as NY DFS, GDPR, Digital Resilience Operations Act (DORA), APAC Prudential Standard CPS234, etc.

• Develop detailed control implementation descriptions to demonstrate how the organization meets and adheres to these regulations.

• Collaborate with internal stakeholders within Information Security & Risk Management to identify gaps in the current control framework and recommend necessary adjustments.

• Monitor and interpret changes in global regulatory requirements and ensure timely updates to the control framework.

• Provide subject matter expertise in global compliance, regulatory requirements, risk management, and security controls.

• Maintain a thorough understanding of the NIST Cybersecurity Framework (CSF) and other relevant standards.

Qualifications:

• Bachelor's degree in Information Security, Risk Management, Compliance, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC) are highly desirable.

• A minimum of 3-5 years of experience in global compliance, regulatory requirements, risk management, and information security.

• Demonstrated experience in mapping control frameworks to regulatory requirements, particularly NIST CSF.

• In-depth knowledge of global regulatory standards, including but not limited to DORA and APRA.

• Strong analytical and problem-solving skills with a keen attention to detail.

• Excellent communication and interpersonal skills, with the ability to effectively convey complex information to diverse audiences.

• Proven ability to work independently and collaboratively in a fast-paced environment.

• Strong organizational skills and the ability to manage multiple tasks and projects simultaneously.

Applied Information Sciences is an Equal Opportunity Employer and does not discriminate on the basis of race, national origin, religion, color, gender, sexual orientation, age, disability, protected veteran status, or any other basis covered by law. Employment decisions are based solely on qualifications, merit, and business need.