Audits & Certifications Manager

About Company:

Our client is a global organization providing technology-driven solutions and services to support business growth and operational efficiency. It's an organization offering end-to-end solutions with a focus on quality, efficiency, and reliability.

An Ideal Candidate:

The ideal candidate should possess strong experience in managing security audits and compliance frameworks such as ISO 27001, PCI DSS, GDPR, and SOC 2, with a solid understanding of evidence management and certification lifecycle governance. They should demonstrate excellent coordination and stakeholder management skills, the ability to work cross-functionally with technology, operations, and finance teams, and a proactive approach to maintaining audit readiness. Strong documentation, risk assessment, and communication skills, along with a commitment to security awareness and continuous compliance improvement, are essential.

Key Competencies:

We are seeking an Audits & Certifications Manager who will be responsible for ensuring that the organization remains fully audit-ready for external certifications (including ISO, PCI DSS, GDPR) and client security assessments.

Own and manage certification programs including ISO 27001, PCI DSS, GDPR, SOC 2, and future compliance frameworks

Act as the lead coordinator for client security audits, due diligence questionnaires, third-party risk assessments, and compliance sections of RFPs

Maintain evidence logs, control documentation, and records required for certification and recertification

Conduct periodic internal audits to ensure readiness ahead of external assessments

Track corrective action reports (CARs) and mitigation plans in coordination with Technology, Operations, and Finance stakeholders

Maintain the Information Security Management System (ISMS) documentation and security policies

Collaborate with MD1 to track cybersecurity initiatives and risk assessments, including maintenance of the risk register

Ensure vendor security and compliance documentation is maintained and up to date

Monitor regulatory and compliance changes impacting certification requirements

Manage employee and stakeholder training to uphold compliance standards and maintain security awareness