Compliance Manager

Lignum Security Limited is seeking a meticulous and experienced Compliance Manager to oversee and manage regulatory compliance for the company and its clients. The Compliance Manager will ensure adherence to applicable laws, standards, and frameworks, including GDPR, ISO 27001, PCI DSS, and other relevant regulations. This individual will lead compliance initiatives, conduct audits, and provide expert guidance to internal teams and clients on meeting compliance requirements. The ideal candidate will have strong leadership abilities, in-depth regulatory knowledge, and excellent communication skills. Key Responsibilities Compliance Program Development Develop, implement, and maintain compliance programs and policies for Lignum Security and its clients. Ensure alignment with global and regional regulatory standards, such as GDPR, HIPAA, ISO 27001, and PCI DSS. Create compliance checklists, templates, and best practices for client engagements. Audits and Risk Assessments Conduct regular internal and external compliance audits to ensure adherence to regulatory requirements. Identify compliance gaps and recommend actionable improvements. Perform risk assessments and provide recommendations for mitigating regulatory and security risks. Client Engagement Act as the primary compliance advisor for clients, guiding them on achieving and maintaining regulatory compliance. Collaborate with clients to develop and implement Information Security Management Systems (ISMS) and compliance roadmaps. Provide compliance training and awareness sessions for clients and internal teams. Reporting and Documentation Prepare detailed compliance reports, including audit findings, risk assessments, and corrective action plans. Maintain accurate records of compliance activities and ensure proper documentation for audits and certifications. Present compliance updates and recommendations to senior leadership and clients. Regulatory Monitoring and Advisory Stay updated on changes to global and regional regulatory requirements. Provide proactive guidance to internal teams and clients on regulatory changes and their potential impacts. Liaise with external regulatory bodies, auditors, and legal advisors as needed. Requirements Education: Bachelor’s degree in Cybersecurity, Law, Business Administration, or a related field. A master’s degree in Risk Management, Cybersecurity, or Business Administration is preferred. Certifications: Required: ISO 27001 Lead Auditor/Implementer, CISA, or CRISC. Preferred: CIPM, CIPP/E, PCI DSS QSA, or equivalent certifications. Experience: Minimum of 7 years of experience in compliance management, cybersecurity, or a related field. Proven track record of managing regulatory compliance programs and audits. Experience with client-facing roles and working in multi-industry environments. Technical Skills: Strong knowledge of regulatory frameworks (e.g., GDPR, HIPAA, PCI DSS, ISO 27001). Proficiency in risk management tools and compliance software. Familiarity with security technologies and best practices for implementing compliance measures. Soft Skills: Exceptional organizational and time management skills. Strong interpersonal and communication abilities, with the capacity to present complex compliance concepts to diverse audiences. Analytical mindset with problem-solving capabilities. Ability to work collaboratively across teams and with clients. Key Performance Indicators (KPIs): Compliance program effectiveness and audit success rates. Client satisfaction scores related to compliance services. Timely completion of risk assessments and compliance reports. Alignment of company and client operations with current regulatory standards. Benefits Competitive salary with performance-based incentives. Comprehensive health and wellness benefits. Opportunities for professional development and advanced certifications. Exposure to a wide range of industries and regulatory challenges.