Job Description
  • Own and manage the contractual certification requirements like SOC1, SOC2, ISO 27001, ISO 27701, HIPAA, and PCI DSS.
  • Plan and conduct internal reviews and audits in line with SOC1, SOC2, ISO 27001, ISO 27701, HIPAA, and PCI DSS.
  • Serve as a subject matter expert on at least 3 of the above standards/frameworks
  • Assist internal stakeholders and work with control owners throughout the company on the process and documentation that supports compliance requirements.
  • Define, implement, and manage policies, procedures, processes, and controls.
  • Assess design effectiveness and continually monitor operating effectiveness of controls
  • Conduct vendor risk assessments (Third Party Risk Management)
  • Track and monitor risk treatment plans, coordinate with the various Business Functions on BCP Testing, and Business Impact Analysis
  • Perform Security Incident Management and Reporting including RCA
  • Properly document the audit process (including evidence gathered) and ensure all audit issues are tracked to closure

What skills do I need

  • Around 10+ years of relevant experience in implementing, auditing, and managing certifications like SOC1, SOC2, ISO 27001, ISO 27701, HIPAA, and PCI DSS
  • Subject matter expertise on at least 3 of the above-mentioned standards/frameworks.
  • PCI DSS experience is an added advantage.
  • Risk Compliance expertise in Payments/Fintech Domain is an added advantage.
  • Work as an Individual Contributor
  • Experience and expertise in Vendor Risk Assessments
  • Ability to perform Risk Assessments and Business Impact Analysis
  • Experience in performing Incident Management and Reporting including RCA
  • Be proactive, organized, analytical, detail-oriented, and persistent
  • Certifications preferred: CISA, CISM, CRISC
  • Previous Experience in a Product SaaS company is an advantage

Role: Risk Management & Compliance - Other

Industry Type: Software Product

Department: Risk Management & Compliance

Employment Type: Full Time, Permanent

Role Category: Risk Management & Compliance - Other

Education

UG: Any Graduate

PG: Any Postgraduate

Key Skills

  • RCAI
  • SO
  • CISA
  • Nutrition
  • Analytical
  • HIPAA
  • Customer retention
  • Incident management
  • Risk management
  • CRM

About company

Zenoti provides an all-in-one, cloud-based software solution for the spa, salon and med spa industry. The Zenoti platform is engineered for reliability and scale, harnessing the power of enterprise-level technology for businesses of all sizes. Zenoti power

Salary

Not Disclosed

Monthly based

Location

Telangana, India

  • Paid time off
  • Company retreats
  • No policies at work

Job Overview

Job Posted: 1 year ago

Job Type: Full Time

Job Role: Other

Education: Graduated

Experience: 5+ Years

Location: Telangana, India