AddressWho is AiDash?
AiDash is making critical infrastructure industries climate-resilient and sustainable with satellites and AI. Using our full-stack SaaS solutions, customers in electric, gas, and water utilities, transportation, and construction are transforming asset inspection and maintenance - and complying with biodiversity net gain mandates and carbon capture goals. Our customers deliver ROI in their first year of deployment with reduced costs, improved reliability, and achieved sustainability goals. Learn more at www.aidash.com.
What is the role?
The successful candidate will be responsible for authoring various compliance policies, evangelizing and enforcing them within AiDash's teams and systems, ensuring that audits are cleared for the firm without exceptions, and performing the following additional responsibilities
What will you do?
- Translate compliance requirements, such as GDPR, ISO 27001, SOC2, etc., into detailed technical requirements that can be implemented within AiDash's systems and processes.
- Take a lead role in overseeing and facilitating audits, ensuring timely completion, and compliance with all GDPR, ISO 27001, SOC2 regulations.
- Make company ready for SOX 404.
- Establish a foundational security operations concept in alignment with the ISO 27001 standard and organizational objectives.
- Develop, oversee, and monitor a framework of processes, procedures, and policies to manage security incidents and events to protect organizational assets, intellectual property, sensitive data, and reputation.
- Proactively manage problems and changes, taking responsibility for resolving issues and achieving effective outcomes within your area or team.
- Gather and analyze information from various systems.
- Directly align with strategic goals, enterprise objectives, risk management plans, compliance requirements, and top-level policies.
- Conduct Risk Reporting and Management.
What are we looking for?
- Exceptional experience in continuous audits and clearing GDPR, SOC2, ISO27001 – At least 10 years of hands-on experience.
- Good experience in writing and understanding policies related to the above - At least 10 years of hands-on experience.
- Crystal-clear understanding of Information security concepts.
- Familiarity with Enterprise Security Strategy, Governance Frameworks, Standards, Policies (Conversant in ISO27001, SOC2, GDPR, etc.).
- Ability to perform internal security assessments based on the above.
- Proficiency in Security Risk Profiling and Impact assessment, including:
- Understanding the type of information stored, processed, or transmitted (PII, SPI, customer, confidential, etc.) and its classification.
- Comprehending contractual requirements (restrictions on where information can be stored, transmitted, or processed, restrictions on interconnection of networks), user access (who will have access and how) - Customers, employees, public, third parties, remote.
- Strong knowledge of information security Threats, Vulnerabilities, and Risk Management.
- Ability to correlate industry risk, compliance, and policy standards with organizational operations.
- Understanding of application security requirements and implementation.
- Ability to determine the level of security required based on the organization's risk exposure.
What will make you a great candidate?
- ISO 27001 Lead Implementer
- Certified Information Privacy Professional/Europe (CIPP/E)
- Certified Data Protection Officer (CDPO)
- Certified Information Security Manager (CISM)
