Information Security and Compliance Specialist (SDQ)

Distrito Nacional, Santo Domingo, Dominican Republic

Full Time

Information Technology

Experienced

Position Summary:

The Information Security and Compliance Specialist is responsible for ensuring that Hire Horatio’s information technology (IT) systems and processes comply with relevant laws, regulations, and standards.

Responsibilities:

Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.
Developing and implementing policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.
Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).
Conducting regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPPA, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), and the Sarbanes-Oxley Act (SOX), etc.
Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.
Working closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.
Providing guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.
Keeping up to date with the latest developments in IT governance and risk compliance, and evaluating and recommending solutions and tools to enhance the organization's compliance posture.
Reporting on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.
Keeping up to date with the latest developments in IT governance and risk compliance, and evaluating and recommending solutions and tools to enhance the organization's compliance posture.

Required Skills/Abilities:

Advanced English proficiency.
Strong analytical skills with the ability to assess risks, analyze complex problems, and develop practical solutions.

Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.
Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.
Collaborative mindset with the ability to work effectively in cross-functional teams and build strong relationships with internal and external stakeholders.
Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.
Experience with data protection and privacy regulations, such as GDPR and HIPAA.
Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.
Ability to develop and implement policies and procedures related to IT governance and risk management.
Strong communication and presentation skills, with the ability to explain complex technical concepts to non-technical audiences.
Ability to analyze and interpret data and use it to inform decision-making.
Strong problem-solving and critical-thinking skills.

Education and Experience:

Bachelor's degree in Information Technology, Computer Science, or a related field.
Advanced degree or professional certifications (e.g., CISA, CISSP, CRISC, CGEIT) preferred.

Proven experience (typically 3+ years) in IT governance, risk management, and compliance roles, preferably within regulated industries such as finance, healthcare, or technology.
In-depth knowledge of IT governance frameworks, standards, and regulatory requirements (e.g.,GDPR, HIPAA, SOX).

Benefits:

Insurance under ARS Humano Royal Plan (Option to upgrade to Max Royal Plan)
Quarterly performance bonuses
Free snacks every day
Free catered lunch every day
Free catered dinner (for those on night shifts)
Door-to-door transportation after 9:00 PM
Happy hour on Fridays
Holiday parties!
An amazing, unique office environment (no cubes, no assigned workstations!)
Growth and development opportunities (the most in the industry!)
Professional development courses by leading business schools like Barna
Yoga and workout classes (coming soon!)
Community service opportunities (#HoratioCares)
Discounts at local restaurants and stores

Life At Horatio:

Horatio is changing the way people experience life at work. Yes, that’s right - working at Horatio is much different than anywhere you’ve ever worked. Here’s what makes our vibe different:

Employee First (but actually...): At Horatio, we are a family and that plays into everything we do. We know that our employees are the most important part of the team and we treat them as such! Just ask any member of our team about how different Horatio has been for them and why they love it so much! Or, feel free to check out our Instagram page hirehoratiord to see it for yourself. Whether it’s the free meals, concerts, clubs, yoga classes, or awesome office vibe, there’s something for everyone at Horatio!
Cool Clients: We work with some of the fastest-growing and innovative companies in the world — and a lot of them are startups. That means no boring scripts and repetition. Instead, you will be challenged to provide clients with ideas, feedback, and new strategies based on what you are seeing each day. You’ll get to interact with clients directly too — it could be the head of the customer experience or even the CEO!
Growth Opportunities: We’re a fast-growing company and have a lot of opportunities for new employees to grow within. A large number of our senior managers started as associates proved themselves, and were promoted over and over again. If you are smart, hungry, and driven, the sky's the limit at Horatio!
Wellness Program: Horatio is committed to spreading mental health awareness and promoting its importance. To take care of our people we have in-house clinical psychologists.

Apply for this position

Required*

Apply with Indeed

First Name*

Last Name*

Email Address*

Phone*

Address

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Desired salary*

Human Check*

Submit Application

Supercharge your career with us

Join our family

Information Security and Compliance Specialist (SDQ)

Monitor and interpret regulatory requirements, industry standards, and best practices related to information security, privacy, and compliance.

Developing and implementing policies and procedures for IT governance and risk management, including identifying, assessing, and mitigating risks.

Develop, implement, and maintain compliance frameworks, policies, and procedures to align with applicable laws (e.g., GDPR, HIPAA, PCI DSS) and industry standards (e.g., ISO 27001, NIST).

Conducting regular audits and assessments to ensure compliance with applicable laws, regulations, and standards, such as SOC 2 Type 2, HIPPA, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), and the Sarbanes-Oxley Act (SOX), etc.

Ensure clear documentation and communication of IT policies and procedures to relevant stakeholders.

Working closely with other IT and business teams to integrate risk management and compliance considerations into the organization's operations and processes.

Providing guidance, training, and support to other members of the organization on IT governance and risk compliance best practices and protocols.

Keeping up to date with the latest developments in IT governance and risk compliance, and evaluating and recommending solutions and tools to enhance the organization's compliance posture.

Reporting on the organization's compliance status and risk profile to relevant stakeholders, such as the Head of IT, regulatory bodies, and external auditors.

Strong analytical skills with the ability to assess risks, analyze complex problems, and develop practical solutions.

Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders and influence decision-making at all levels of the organization.

Strong project management skills with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines in a fast-paced environment.

Collaborative mindset with the ability to work effectively in cross-functional teams and build strong relationships with internal and external stakeholders.

Understanding of risk management principles and techniques, including risk assessment, risk analysis, and risk mitigation.

Experience with data protection and privacy regulations, such as GDPR and HIPAA.

Familiarity with cybersecurity and network security concepts, including threat intelligence, incident response, and vulnerability management.

Ability to develop and implement policies and procedures related to IT governance and risk management.

Strong communication and presentation skills, with the ability to explain complex technical concepts to non-technical audiences.

Ability to analyze and interpret data and use it to inform decision-making.

Strong problem-solving and critical-thinking skills.

Education and Experience:

Benefits:

Apply for this position