About this role
About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech.
The People First culture at TaskUs has enabled the company to expand its workforce to approximately 60,000 employees globally. Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States.
It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment’s notice, and mastering consistency in an ever-changing world.
What We Offer: At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First.
What can you expect in a Senior Security Compliance Analyst role with TaskUs:
Think of yourself as someone who is responsible for security system assessments, monitoring, and reporting. You will have a significant role in performing audits, tracking vulnerability assessments, security testing, and working with operations teams on remediation and mitigation of audit findings.
Imagine yourself going to work with one thing on your mind: that you will lead the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST, and ISO 27001. Responsible for policy assessment of endpoint and network security appliances, hardware, and software, enforcing the TaskUs security policies, and complying with requirements of internal and external security audits and recommendations.
Key Responsibilities:
• Lead and support efforts for security compliance certifications such as ISO 27001, SOC 2, PCI DSS, HIPAA, HITRUST, and others.
• Manage evidence collection and responses for external audits and certifications.
• Monitor, document, and report compliance activities, make decisions regarding audit findings and remediation progress.
• Handling the Security Controls requirements in line with Client Expectations.
• Perform internal audits, control testing, and gap assessments to assess compliance status.
• Develop, maintain, and enforce security policies, standards, and procedures.
• Provide leadership with guidance on compliance risks, emerging trends, and areas for improvement.
• Provide security compliance training and awareness to employees.
• Lead the development and maintenance of IT and Security Risk Assessment procedures and processes, and collaborate with business units outside of Information Security to complete the Risk Assessment and track Risk Treatment activities.
• Recommends and supports the deployment and use of additional security products and tools, as well as conducting Risk Assessments and Vendor Security Assessments.
• Strong practical experience with Business Impact Analysis (BIA).
• Provide incident response support during security events. Participate in analyzing, troubleshooting, and investigating system anomalies using security reports, network traffic, logs, and alerts.
• Performs additional duties as assigned within the scope of security compliance activities and serves as a backup for team members in any necessary or assigned situations.
• Stay current with regulatory changes, emerging compliance requirements, and industry best practices.
• Manage the security of the IT infrastructure which are deployed and hosted in house and in the colocation DC.
• Should be able to use the AI tools and platforms for automation and also lead the core certification engagements we have in our Security Compliance department.
Required Qualifications:
• In-depth and hands-on experience of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST, and ISO 27001.
• At least 4 years of experience in IT/IS Security Compliances/Consulting focuses on IT security, IT audit, Risk Assessments, Vendor Security Assessment, and/or due diligence reviews.
• Candid Industry-recognized presentation skills with the ability to prepare reports and presentations.
• An industry recognized information security certification, such as CISA, ISO LA/LI, CISM, CISSP, ISO 31000, RIsk Professional, and Certified Third-Party Risk Professional.
• Sound technical writing, documentation, and communication skills are required.
• Functional awareness of both information system platforms with a strong IT technical understanding and aptitude for analytical problem-solving.
• Strong understanding of Third-party, enterprise, network, system and application-level risk and controls
• Ability to handle sensitive and/or confidential material and information with suitable discretion.
• Excellent interpersonal skills and a professional demeanor.
• BPO contact center experience preferred, but not required.
Education / Certifications:
• Bachelor’s degree in MIS/Computer Science or Business and/or a combination of education and relevant experience.
How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs.
DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know.
We invite you to explore all TaskUs career opportunities and apply through the provided URL https://www.taskus.com/careers/.