Compliance Excellence Associate - Chennai, Tamil Nadu, India - Flatirons Solutions

Description

Flatirons Solutions is looking for a
Compliance Excellence Associate in our
Chennai, India office. Are you a leader passionate about driving business compliance to reduce loss of margins, loss of customers, loss of trust, and loss of business through the reduction of risks? Do you strive to raise the standards and ability of people and organizations to achieve excellence?

The Compliance Excellence Specialist will be part of the Operational Excellence (OpEx) team and report to the Operational Excellence Associate Director.

The OpEx team is responsible for driving effectiveness, efficiency, and compliance throughout our global organization. We don't tell teams what to do. We are here to help what teams do, better


We are looking for someone who:

• Has a passion and track record for establishing and improving governance, risk, and compliance (GRC)
• Has handson experience with regulatory requirements in information security management,
• Has handson experience with conducting internal audits and hosting external audits
• Can perform risk assessments
• Has strong organizational skills with the ability to prioritize tasks and manage multiple projects simultaneously to meet deadlines.
• Has excellent communication skills and puts their customers first.
• Is selfmotivated, can work independently, and operates with a high level of integrity
• Drives results with measurable achievements
• Can consistently deliver results through indirect influence.
• Can travel internationally.

What you will do all day:

• Drive contractual, statutory, and regulatory obligations are communicated and met.
• Assist all departments, functions, and teams improve adherence and compliance with requirements effectively and efficiently.
• Assist the organization in implementing and monitoring the global GRC strategy with an emphasis on Information Security Management System (ISMS), Privacy Information Management System (PIMS), and CSR by providing information, awareness, guidance, coaching, and training.
• Support with the communication, training, and awareness of employee responsibilities in adhering to the requirements, policies, and procedures.
• Conduct internal audits of the various management systems based on contractual and regulatory obligations, internal requirements, and industry standards
• Host external audits, certifications, registration, and periodic surveillance audits.

What you need to know (experience requirements):

• A bachelor's degree in engineering, Risk Management, Compliance, or Regulations
• Minimum two (2) years of experience in a related field
• Experience with implementing or maintaining International Organization for Standardization (ISO) ISO 27001 and/or ISO 27701 certifications and can train others on the requirements.
• Working Knowledge with developing, implementing, and maintaining a global GRC strategy.
• Working Knowledge of data privacy laws and regulations and protecting personal information.
• Working Knowledge managing contractual, statutory, regulatory, legal, and compliance requirements.

What will set you apart:

• Working knowledge with laws, regulations, and standards from other countries such as, but not limited to:
• European Union (EU) General Data Protection Regulation (GDPR)
• United States (US) Department of Commerce (DOC) National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) or other Special Publications (SP) such as and
• US Department of Defense (DOD) Cybersecurity Maturity Model Certification (CMMC)
• United Kingdom (UK) Cyber Essentials Scheme
• Working knowledge using continual improvement tools and methodologies such as:
• Lean
• Six Sigma
• Capability Maturity Model Integration (CMMI)
• Visual management.
• Knowledge of the aviation, aerospace, or defense sectors
• Privacy Certifications (e.g., CIPM, CIPP/E) or equivalent
• ASQ Certification (e.g., CMQ/OE, CQA, CSQE, CSQP) or equivalent
• Six Sigma

Black Belt Certification (CSSBB)