IT Security and Compliance Officer

SparkSuccess at FGC+!

Our dedicated professionals excel in supporting a diverse range of industries with unmatched dedication.

Driven by our core values of Empathy, Reliability, Possibility, and Growth, we are focused on #IgnitingPossibility and help each team member unlock their full potential. At FGC+, we offer more than just a job; we provide a nurturing environment where work-life balance, mentorship, employee engagement, and continuous learning are the pillars of your success.

Here, you are more than just an employee- you are part of team where you can truly thrive and make a difference.

About the Job:

The information Security and Compliance Officer will be responsible for ensuring that the organization meets the highest standards of information security and compliance, including ISO 27001, PCI DSS, and HIPAA. You will develop and maintain security policies, lead compliance initiatives, and collaborate with various departments to ensure processes and documentation are up to standard.

In this role, you will oversee risk management, incident response, and security awareness training, while also monitoring and reporting on compliance progress. You’ll act as the primary point of contact for audits and regulatory reviews, working cross-functionally to integrate security and compliance into daily business operations.

What You’ll Do:

Information Security Management:

• Develop, implement, and maintain information security policies and procedures that comply with ISO 27001, PCI DSS, and HIPAA requirements.
• Ensure the information security management system (ISMS) aligns with the organization's strategic objectives and supports continuous improvement.

Compliance Oversight:

• Lead the organization’s (FGC+) compliance initiatives with PCI DSS, ISO 27001, and HIPAA standards. o Collaborate with different departments to ensure their processes and documentation meet compliance requirements.
• Serve as the point of contact for regulatory audits and external compliance reviews.

Policy Coordination and Document Management:

• Work with various departments to collect, review, and maintain all relevant documentation and policies.
• Ensure documents are updated and accessible, and they align with compliance frameworks.
• Oversee version control and approval processes for security policies and procedures.

Risk Management:

• Identify and assess potential security risks and manage risk mitigation strategies.
• Ensure departments understand their role in addressing identified risks and maintaining compliance.

Security Awareness and Training:

• Develop and deliver training programs to enhance employee awareness of security practices and compliance responsibilities.
• Promote a culture of security through regular communication and collaboration with department heads.

Incident Response and Management:

• Manage the incident response plan and ensure it is regularly tested and updated.
• Coordinate with relevant departments to ensure preparedness for potential security incidents.

Monitoring and Reporting:

• Monitor compliance with security standards across all departments.
• Regularly report on compliance status to senior management and recommend corrective actions when necessary.
• Oversee the collection of evidence required for audits and compliance checks.

Access and Data Management:

• Collaborate with IT teams to ensure access controls align with security policies.
• Work with departments to ensure data handling practices are secure and compliant.

Cross Departmental Collaboration:

• Partner with other departments to ensure their processes comply with security requirements.
• Act as an advisor for departments to implement and adhere to information security measures.
• Facilitate the integration of compliance requirements into business processes.

What You’ll Bring:

• Bachelor’s degree in Computer Science, Information Security, or a related field; certifications such as CISM, CISSP, or CISA are preferred.
• Proven experience in IT security or compliance roles, with hands-on involvement in ISO 27001, PCI DSS, and HIPAA environments.
• Proficient with security tools and practices, including network monitoring, data protection, and audit processes.
• Strong communication and coordination skills, with the ability to collaborate effectively across teams.
• Demonstrated ability to work seamlessly with cross-functional teams to achieve compliance goals.
• Flexible and willing to adjust schedules as needed to meet business demands.

What We Have to Offer:

At FGC+, we believe that every person yearns to fulfill their potential. “Igniting possibility” is our brand essence, it recognizes that work can be a great catalyst for personal and professional growth. By creating an environment of support and inspiration, we enable people to realize their true capabilities and to make work a source of fulfillment and sustainable success.

We offer more than just a job; we provide a nurturing environment where work-life balance, mentorship, employee engagement, and continuous learning are the pillars of your success — not to mention a market competitive total compensation/rewards package including:

• Day 1 HMO
• Competitive base pay with incentives and allowances
• Payment of all statutory government benefits
• 25 days of annual paid leave
• 13th month pay
• Onsite medical support
• Skills and training development programs
• Employee Engagement Events
• Employee Referral Program

EEO Statement:

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Third-Party Agency Notice:

FGC+ will not accept any unsolicited resumes from any third-party recruiting agencies, either domestic or international. FGC+ nor its subsidiaries/LEs will be responsible for any fees from the use of any unsolicited resumes either through our ATS or via electronic mail systems from any agency.