Lead Security Compliance Engineer
Remote in Georgia
Security Compliance Assurance & 2 others
We are currently seeking a Lead Security Compliance Engineer to strengthen our Compliance Assurance Office team. Remote work may be considered.
The successful candidate will join a team responsible for designing, maintaining, and operating the company’s Information Security Management System (ISMS), as well as supporting EPAM projects with the analysis and implementation of client-specific security requirements.
Responsibilities
- Manage and/or assist with the implementation of company and customer security compliance requirements
- Create and maintain security policies and processes with and without support from subject-matter experts
- Independently facilitate external security audits for company teams, projects and locations
- Support production projects and sales teams with customers' questions and audits in the information security area
- Perform internal security audits independently
- Improve the ISMS
Requirements
- Significant knowledge of and experience with any of the following frameworks/standards: ISO 27001, ISO 27701, CMMC, SOX, SOC1 (ISAE 3402), SOC2, NIST 800-53, PCI DSS, TISAX, others
- Experience with implementation or support of an Information Security Management System (ISMS) or experience with security standards/regulations
- Experience in creation and maintenance of security policies
- Background in one of the following areas: Security compliance, Information security, IT processes, IT/Security audits, Hardware, Software, Network, IT Administration, User support, Software development processes
- English B1+ or higher
- Good communication skills (readiness to communicate with people in a multinational environment, ability to communicate orally and in writing)
Nice to have
- Experience in development and implementation of a complex security compliance plan/program in the security area (gap analysis -> remediation plans -> detailing tasks, management of tasks implementation -> internal audit)
- Knowledge or experience with any of the following regulations: CMMC, NIST SP 800-171, NIST SP 800-218, US DoD Regulations
- English B2 or higher
- Certificates in Information security / IT compliance areas
