Compliance Manager

Lignum Security Limited is seeking a meticulous and experienced Compliance Manager to oversee and manage regulatory compliance for the company and its clients. The Compliance Manager will ensure adherence to applicable laws standards and frameworks including GDPR ISO 27001 PCI DSS and other relevant regulations. This individual will lead compliance initiatives conduct audits and provide expert guidance to internal teams and clients on meeting compliance requirements. The ideal candidate will have strong leadership abilities indepth regulatory knowledge and excellent communication skills.

Key Responsibilities

1. Compliance Program Development
   
• Develop implement and maintain compliance programs and policies for Lignum Security and its clients.
  
• Ensure alignment with global and regional regulatory standards such as GDPR HIPAA ISO 27001 and PCI DSS.
  
• Create compliance checklists templates and best practices for client engagements.
  
2. Audits and Risk Assessments
   
• Conduct regular internal and external compliance audits to ensure adherence to regulatory requirements.
  
• Identify compliance gaps and recommend actionable improvements.
  
• Perform risk assessments and provide recommendations for mitigating regulatory and security risks.
  
3. Client Engagement
   
• Act as the primary compliance advisor for clients guiding them on achieving and maintaining regulatory compliance.
  
• Collaborate with clients to develop and implement Information Security Management Systems (ISMS) and compliance roadmaps.
  
• Provide compliance training and awareness sessions for clients and internal teams.
  
4. Reporting and Documentation
   
• Prepare detailed compliance reports including audit findings risk assessments and corrective action plans.
  
• Maintain accurate records of compliance activities and ensure proper documentation for audits and certifications.
  
• Present compliance updates and recommendations to senior leadership and clients.
  
5. Regulatory Monitoring and Advisory
   
• Stay updated on changes to global and regional regulatory requirements.
  
• Provide proactive guidance to internal teams and clients on regulatory changes and their potential impacts.
  
• Liaise with external regulatory bodies auditors and legal advisors as needed.
  

Requirements

Education:

• Bachelor s degree in Cybersecurity Law Business Administration or a related field.
  
• A master s degree in Risk Management Cybersecurity or Business Administration is preferred.
  

Certifications:

• Required: ISO 27001 Lead Auditor/Implementer CISA or CRISC.
  
• Preferred: CIPM CIPP/E PCI DSS QSA or equivalent certifications.
  

Experience:

• Minimum of 7 years of experience in compliance management cybersecurity or a related field.
  
• Proven track record of managing regulatory compliance programs and audits.
  
• Experience with clientfacing roles and working in multiindustry environments.
  

Technical Skills:

• Strong knowledge of regulatory frameworks (e.g. GDPR HIPAA PCI DSS ISO 27001.
  
• Proficiency in risk management tools and compliance software.
  
• Familiarity with security technologies and best practices for implementing compliance measures.
  

Soft Skills:

• Exceptional organizational and time management skills.
  
• Strong interpersonal and communication abilities with the capacity to present complex compliance concepts to diverse audiences.
  
• Analytical mindset with problemsolving capabilities.
  
• Ability to work collaboratively across teams and with clients.
  

Key Performance Indicators (KPIs):

• Compliance program effectiveness and audit success rates.
  
• Client satisfaction scores related to compliance services.
  
• Timely completion of risk assessments and compliance reports.
  
• Alignment of company and client operations with current regulatory standards.
  

Benefits

• Competitive salary with performancebased incentives.
  
• Comprehensive health and wellness benefits.
  
• Opportunities for professional development and advanced certifications.
  
• Exposure to a wide range of industries and regulatory challenges.