Security Compliance Engineer

Introduction:
LotusFlare is a provider of cloud-native SaaS products based in the heart of Silicon Valley. Founded by the team that helped Facebook reach over one billion users, LotusFlare was founded to make affordable mobile communications available to everyone on Earth.
Today, LotusFlare focuses on designing, building, and continuouslyM evolving a digital commerce and monetization platform that delivers valuable outcomes for enterprises. Our platform, Digital Network Operator® (DNO™) Cloud, is licensed to telecommunications services providers and supports millions of customers globally.

LotusFlare has also designed and built the leading eSIM travel product - Nomad. Nomad provides global travellers with high-speed, affordable data connectivity in over 190 countries. Nomad is available as an iOS or Android app or via getnomad.app.

Job Description and Responsibilities:
The Security Compliance engineer plays a crucial role in ensuring our organization's adherence to internal security policies, industry regulations, and legal requirements. This individual will work collaboratively with various teams to assess, monitor, and enhance our IT security posture.
 

Job Requirements:

• Compliance Assessment: Conduct regular assessments of IT systems, processes, and controls to identify vulnerabilities and ensure compliance with security standards.
• Privacy Impact Assessment: Conduct regular PIA assessments for various projects in LotusFlare
• Policy Development and Implementation: Assist in the development, implementation, and maintenance of IT security policies, procedures, and guidelines.
• Risk Management: Identify, assess, and mitigate IT security risks through proactive measures and incident response.
• Audit Support: Collaborate with internal and external auditors to facilitate IT security audits and provide necessary documentation.
• Security Awareness: Promote security awareness across the organization through training programs and communication initiatives.
• Incident Response: Participate in incident response activities, including investigation, containment, and remediation.
• Vendor Management: Assess the security posture of third-party vendors and ensure compliance with our security requirements.

• Bachelor's degree in Computer Science, Information Systems, or a related field.
• 5+ years of experience in IT security compliance or a related role.
• Strong understanding of IT security frameworks, such as ISO 27001, ISO 27701, NIST, and CIS.
• Knowledge of industry regulations, such as GDPR, CCPA
• Experience with risk assessment methodologies and tools.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team.
• Professional certifications, such as CISA, CISM, or CISSP, are a plus.

• Competitive salary package
• Paid lunch (In the office)
• Yearly bonus
• Training and workshops
• Top-of-the-class engineers to learn from and work with