Full-Time Information Security Compliance Consultant

• Building and overseeing our Information Security controls framework and environment in line with the Visa Key Controls and industry standards, ensuring enterprise-wide security compliance to required certifications.
• Leading on the preparation for any new certifications.
• Collaboratively creating, implementing and maintaining security policies, standards and procedures which improve our posture in alignment with industry best practice and internationally recognised compliance standards.
• Ensuring the annual successful execution of all compliance recertification efforts by leading and coordinating our preparation, responses and submissions for certifications such as PCI DSS, SOC2, ISO27001, DORA etc.
• Providing assurance to our customers by coordinating the responses to customer RFP questions and customer audits in the Information Security area.
• Coordinating with and supporting the Visa Legal, Risk & Compliance team in understanding and quantifying security risk, responding to third-party requests and performing security assessments of our suppliers, their products and services.
• Driving our security awareness programme, aligned with the Visa programmes, promoting security within Featurespace and collaborating with our customers and industry partners to develop the maturity and standing of security within our industry.
• Acting as a subject matter expert on compliance requirements and consulting across the enterprise, gaining buy-in to ensure our products and services are "secure and compliant by design".

• Create, review, update and complete information security policy, standards, and guidelines.
• Conduct security risk assessments, business impact analyses and recommend appropriate control improvements.
• Maintain security risk registers in collaboration with the Visa Risk and Compliance teams.
• Coordinate and lead our responses to customer RFP questions and security audits in a timely and efficient manner.
• Lead the adoption and customisation of the VISA third party security assessment programme into Featurespace.
• Stay up to date with the latest security and technology trends and development.
• Lead the adoption and customisation of the Visa Security Awareness and Training programme for Featurespace.
• Consult with internal teams, clients, auditors, and regulators regarding information security compliance, and related topics as necessary.
• Liaise with internal teams and stakeholders in relation to security compliance to ensure coordination of requirements, agreed controls and shared consistent documentation and tooling wherever possible.
• Contribute advice and guidance for departmental security strategies to manage identified risks and ensure adoption and adherence to standards and compliance frameworks.
• Develop and maintain documentation, controls, processes, workflows, metrics, reporting, solutions, and applications/tools as needed to ensure effective operation and visibility of the state of the compliance function.
• Ensure all processes and controls that fall within your area of responsibility are operating effectively and are correctly evidenced.

• Demonstrable experience ensuring information security compliance, preferably in highly regulated environments.
• Extensive experience working with, building, and implementing successfully, a range of security control frameworks including ISO27000 and SOC 2, e.g. worked as ISO27001 Lead Auditor/Implementer.

What is the last date for applying to the job?

Which countries are accepted for this remote job?