Overview
syntax is a leading managed cloud provider for mission critical enterprise applications. The company has delivered technology solutions to businesses of all sizes since 1972, specializing in implementing and managing erp deployments (oracle, sap) in secure private, public, or hybrid clouds.
the security compliance specialist will ensure ongoing compliance with security frameworks and privacy regulations, including iso 27001, soc 2, nist, cis, gdpr, and related requirements. This hands‑on technical role requires gathering, analyzing, and validating compliance evidence from it systems, applications, and security tools. The specialist will work closely with it, security, and grc teams to maintain the compliance posture, support audits, and contribute to continuous improvement of controls and processes.
responsibilities
* operate and maintain security compliance processes across iso 27001, soc 2, nist, cis, gdpr, and other relevant frameworks.
* collect, analyze, and validate technical compliance evidence from systems, applications, and security platforms.
* use siem and other monitoring tools to review logs, configurations, and control effectiveness.
* support internal and external audits by preparing evidence, coordinating with stakeholders, and responding to auditor requests.
* contribute to security control testing, system hardening reviews, and validation of technical baselines.
* collaborate with internal stakeholders to ensure compliance requirements are integrated into operations and projects.
* support responses to customer security questionnaires and due diligence requests as needed.
* maintain documentation of compliance processes, evidence repositories, and audit history.
* monitor changes in regulatory and framework requirements, recommending updates to controls or processes as required.
* assist in developing metrics and reports on compliance status for leadership review.
required skills and experience
* 5–7 years of experience in it administration, security operations, or compliance roles.
* strong understanding of security frameworks and regulations: iso 27001, soc 2, nist csf, cis, gdpr, and related privacy requirements.
* hands‑on experience with siem platform (e.g., splunk, microsoft sentinel, qradar, elastic) for compliance and security validation.
* background in it system administration (windows, linux, or cloud environments) with knowledge of security controls and configurations.
* familiarity with common cybersecurity domains: access control, logging/monitoring, vulnerability management, and incident response.
* experience preparing compliance evidence and supporting audits.
* strong analytical and problem‑solving skills, with attention to detail.
* ability to collaborate effectively with internal stakeholders to achieve compliance objectives.
* effective communication skills, with the ability to explain technical compliance evidence to non‑technical stakeholders and, when required, to customers.
* relevant certifications (e.g., comptia security+, cissp, cism, iso 27001 lead implementer/auditor, or siem certifications) are an advantage.
* english language fluency (written and spoken).
key technologies
* siem platforms: splunk, microsoft sentinel, qradar, elastic, or equivalent.
* system administration: windows server, active directory, linux, and cloud platforms (aws, azure, oracle).
* vulnerability & compliance tools: qualys, tenable, cis benchmark tools, or equivalent.
* other platforms: sharepoint, confluence, servicenow.
benefits
* competitive, above‑average compensation.
* global travel opportunities with the ability to work from abroad from time to time.
* flexible working time models and remote work options.
* attractive benefits, e.g., company pension scheme and various health offers.
* a modern work environment that values individual contributions.
* open feedback culture, flat hierarchies and a motivated team.
* individual career planning with continuous training and coaching on the job.
#j-18808-ljbffr