Information Cyber Security compliance Analyst ML Intern

Experience Level: 1-2 years

Job Summary: We are looking for a highly motivated Information Security Compliance Analyst to join our growing team. The candidate should have 1-2 years of experience in information security, compliance, Information Security Risk Assessment, governance, and well versed particularly with ISO 27001, Data Privacy regulations, and IT General Controls (ITGC). In this role, you will assist in ensuring that our company meets regulatory requirements, manages security risks, and adheres to internal and external policies.

Key Responsibilities:

ISO 27001 Compliance: Assist in maintaining ISO 27001 certification by supporting audits, preparing documentation, and ensuring compliance with controls and policies.

Data Privacy Management: Support the implementation and maintenance of data privacy programs in line with GDPR, CCPA, and other applicable regulations. Assist in conducting Privacy Impact Assessments (PIAs) and managing data subject requests.

ITGC Controls: Participate in the assessment and testing of IT general controls (ITGC), ensuring that controls related to access management, change management, and system configurations are in place and effective.

Compliance Audits: Help prepare for and support internal and external audits. Provide documentation and evidence of controls and compliance.

Risk Management: Assist in identifying security and privacy risks, helping to document findings, and work with teams to resolve identified issues.

Policy & Procedure Development: Collaborate in the creation, review, and updates of information security policies, procedures, and guidelines.

Training & Awareness: Assist in the development and delivery of security awareness training to employees. Ensure staff are aware of the company’s security policies and compliance requirements.

Reporting: Support the preparation of regular reports to management on the status of compliance, risk assessments, and audit findings.

Qualifications:

Education: Bachelor’s degree in Information Technology, Cybersecurity, Information Systems, or related field.

Experience: 1-2 years of experience in Information Security, Compliance, or IT Governance.

Knowledge:

1. Strong understanding of ISO 27001, Data Privacy regulations (e.g., GDPR, CCPA), and IT General Controls (ITGC).

2. Familiarity with risk management frameworks and security standards.

3. Experience with compliance audits and assessments is a plus.

Skills:

1. Strong analytical skills and attention to detail.

2. Good understanding of security technologies and processes.

3. Excellent written and verbal communication skills.

4. Ability to work collaboratively in a team environment.