Established in 1983, OCR Services Inc. helps global companies across industry verticals manage trade compliance regulations and processes effectively and efficiently. Our business is structured to provide the best-in-class software solutions, products, services, and know-how on trade management to diverse industries. Our software product, ‘EASE’, is a suite of automated export and import compliance solutions that address every step of the global trade management processes and streamline supply chain management. Headquartered in the United States, OCR serves over 800 international customers, including many Fortune 500 companies, through its offices in the US, India, UAE, UK, and Canada. Our development center in Gurgaon, India (World Compliance Technologies Pvt. Ltd.) is our center of excellence in product engineering. Our India development center supports global product development and integration with ERP systems through a strong network of in-house engineering staff and partners based in Kochi, Ahmedabad, and Mumbai.
OCR services is hiring an Information Security and Privacy Manager to oversee the organization’s IT risk and security processes and frameworks and ensure compliance with privacy and data protection regulations. The Information Security and Privacy Manager will be responsible for ensuring that the organization-wide security policies are current and up to date at all times. The Information Security and Privacy Manager will also ensure OCR’s compliance with various latest data protection and privacy laws.
- Develop and implement organization-wide IT security, cyber and risk management programs/policies by adhering to the latest compliance frameworks and standards
- Continually implement security improvements to meet and exceed industry standards by evaluating trends and anticipating requirements.
- Implement automated continuous monitoring and safeguards to solve potential and avoid actual security problems.
- Establish security controls to ensure the protection of OCR’s technical infrastructure. Develop processes to help the technology infrastructure team manage risk and make risk-based decisions related to IT activities.
- Conduct proactive and regular audits and work with the IT team to ensure compliance and risk mitigation.
- Recognizes problems by identifying abnormalities; reporting violations
- Work with IT team to set up vulnerability management and shared disaster recovery/business continuity plans
- Ensure overall IT compliance with regulatory requirements through proactive planning and communication.
- Work with the General Counsel to oversee OCR’s compliance with the various privacy laws and data protection regulations and ensure applicable control catalog and documentation.
- Provide training to employees on Cyber Security and Data Privacy policies
Education and Experience:
- Bachelor’s degree required
- At least five years of experience in risk, compliance and information security policy development
- Knowledge of IT processes and controls and a strong understanding of risk and control frameworks such as (CoBIT, ISO, NIST, ITIL, PCI).
- Desired certifications: Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CSSP) or other information systems security and data privacy certifications
- Knowledge of various privacy and data protection frameworks like California Consumer Privacy Act (CCPA), EU General Data Protection Regulation (GDPR), and other countries’ data privacy requirements.
- Prolonged periods of sitting at a desk and working on a computer.
- Ability to travel as needed.
Job Location: Remote and in office at Rockville, Maryland or Glendora (Los Angeles), California