Information Security Engineer

In this role, you will oversee compliance across security, privacy, legal, and data protection, while fostering a culture of transparency and accountability. This position is ideal for someone passionate about information security and data protection compliance in a tech-centric, SaaS environment. Responsibilities

• Support and oversee the Information Security Governance, Risk, Compliance, and Privacy operations ensuring alignment with the organizations strategic objectives and regulatory requirements.
• Assist in strengthening the organizations risk management processes by working closely with stakeholders, clients, partners, service providers, and vendors to ensure compliance and security posture.
• Assist in maintaining and executing the organizations data privacy initiatives, ensuring compliance with relevant regulations (e.g., GDPR, CCPA) across operations.
• Work with process and control owners to design and implement information security controls, including the development of policies, procedures, and related documentation.
• Contribute to the establishment and management of a formal Information Security GRC and Privacy Program, and support the creation of a roadmap that aligns with industry standards and compliance needs.
• Partner with Legal, HR, and other departments to support an effective privacy program, helping to sustain organizational compliance and ethical standards.
• Lead risk assessments and support efforts to achieve key certifications and attestations, such as ISO 27001, AICPA SOC 2 Type 2, and others.
• Assist in managing a security awareness training program, contributing to building a strong security culture within the organization.
• Collaborate with sales and customer success teams to address security, compliance, and legal concerns, ensuring client satisfaction while maintaining compliance.

. Ensure compliance with relevant regulations and standards Requirements: Minimum 3-5 years of proven experience in areas of Information Security Governance, Risk Management, Compliance and Privacy.

• In-depth knowledge of the tech industrys standards and regulations (experience with SaaS products is a big plus)
• Experience in the implementation of regulatory and compliance frameworks (SOC2, ISO2700x, ITIL, COBIT)
• Familiarity with Cloud Infrastructure technologies.
• Understanding of global data protection laws, standards, and associated frameworks (e.g., GDPR, CCPA)
• Excellent knowledge of reporting procedures and record keeping
• A business acumen partnered with a dedication to legality
• An analytical mind able to “see” the complexities of procedures and regulations
• BSc/BA in information technology, cybersecurity, project management or related field.
• Certifications such as CISSP, CISM, Security+, CIPM, CIPP/E, PMP are desirable.
• Expertise in using and integrating Splunk, ELK Stack, XDR, SIEM, and SOAR platforms.

Information :

• Company : HR Force International
• Position : Information Security Engineer
• Location : Lahore
• Country : PK