top of page
Careers-Abacus.jpg

Opening Position

IT Security Compliance Specialist

Job Summary:

The IT Security Compliance Specialist is responsible for ensuring that the ABACUS digital’ information technology systems, processes, and procedures comply with internal policies and external regulatory requirements. They must maintain a strong knowledge of industry standards and best practices related to information security, compliance, and risk management. They collaborate with various departments, including development, delivery, risk, and data analytics to ensure that information security practices are integrated into business operations, and they coordinate with external auditors to assess compliance with applicable regulations.

What you will do

  • Develop and maintain information security policies, procedures, and guidelines in accordance with industry standards and regulatory requirements

  • Monitor and assess the ABACUS digital information security risks, vulnerabilities, and threats, and provide recommendations for mitigating these risks

  • Collaborate with the delivery teams to implement and maintain effective security controls, including secure coding, system monitoring, and incident response

  • Conduct security assessments and audits to ensure compliance with applicable regulations, such as ISO 27001, ISO 27701, SOC II, and PDPA

  • Serve as a liaison with external auditors and regulators to provide evidence of compliance and facilitate audits and assessments

  • Develop and deliver information security training and awareness programs to educate employees on information security policies and procedures

  • Participate in incident response activities, including conducting investigations, providing technical expertise, and developing remediator plans

  • Stay up-to-date on the latest information security trends, technologies, and best practices, and provide recommendations for improving the organization’s security posture

 

What we are looking for

  • Bachelor's degree in Computer Science, Information Technology, or a related field

  • 3-5 years of experience in IT security and compliance, including experience with regulatory compliance frameworks such as ISO 27001 and PDPA lawsuit

  • Strong knowledge of information security principles, practices, and technologies, including network security, access controls, cryptography, and security operations

  • Experience with security assessments, audits, and compliance reporting.
    Strong analytical and problem-solving skills, with the ability to assess and mitigate security risks and vulnerabilities

  • Excellent communication and interpersonal skills, with the ability to collaborate with various departments and communicate technical information to non-technical stakeholders

  • Professional certifications such as CISSP, CISM, or CISA are preferred.
     

 

If you are interested in joining our team, please click on the "Apply Now" button to send your CV and portfolio (if applicable). Alternatively, if you have any questions, please feel free to contact us at [email protected]

bottom of page