Description
Compliance Manager - ISO 27001/PCI/Auditor
Define a comprehensive list of processes and controls required to achieve IT standards and certifications. Examples of these standards could be: ISO/IEC 9001, 27001 and PCI compliance.
Engage Senior Management to agree a Compliance Programme and agree the 'future state' for compliance and industry accreditation.
Take ownership of planning and delivery of the Compliance Programme:
- Conduct internal monitoring and auditing to assess the 'current state' and create 'transition state' plans.
- Consider the relevant controls, compliance and accreditation needed under the Programme.
- Define a comprehensive list of processes and controls required to achieve the Programme.
- Define the Programme plan and set the outlining governance to successfully deliver each component of the plan.
- Oversee and monitor the implementation of the Compliance Programme, reporting to the Head of Business Change & Transformation on progress, risks and issues.
- Establish a Compliance Committee to review and assess progress against the plan.
- Engage virtual team members to achieve the plan, and manage delivery. This will include liaising with all parts of the supply chain, from product to customer delivery and assurance.
- Develop effective lines of communication.
- Provide regular reporting and presentation of progress.
- Facilitate workshops and manage action, risk and issues logs to achieve the plan.
- Manage existing compliance standards by conducting audits and risk assessments and creating response plans.
- Develop, coordinate and participate in educational workstreams to focus the business on compliance and quality controls.
- Represent at customer presentations and meetings where compliance, audit and standards conversations need to be had.
- From time to time, work with the Bid and Sales teams to produce compliance-based responses in Tenders and Presentations.
Skills required:
- Auditing experience
- Compliance development experience, preferably in ISO standards and PCI compliance
- Telecommunications industry experience
- Project Management experience.
- Knowledge of Change Management principles
- Influencing and facilitation skills
- Quality documentation and controls
- Strong analytical skills in order to identify compliance vulnerabilities and develop compensating controls
- Strong written and verbal skills in the English language coupled with the ability to work with all levels of management.
- Strong personal discipline and effective time management
- The ability to lead and independently execute technical assessments
- Manage multiple projects simultaneously and effectively prioritise work.
- Report findings clearly and communicate results effectively to the relevant stakeholders.
- Develop and maintain good working relationships with stakeholders and promote and raise awareness of the team and its role and objectives to business and IT leadership.
- Desire to improve efficiency and quality standards
- Embed and sustain a controls framework.
This position is 3 days per week for a period of 6 months.