Compliance Specialist
New Charter Technologies
Job Level
Mid-LevelSenior
About the role
- Own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness
- Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022
- Coordinate and lead internal audits (quarterly for TZ) and external certification audits
- Write up audit findings and risk reports for SLT and the Board
- Monitor ISMS KPIs and compliance metrics
- Own the company-wide risk register and associated documentation
- Support teams in identifying, assessing, and documenting risks
- Track and ensure timely implementation of Risk Treatment Plans
- Maintain the incident log, ensuring proper documentation, root cause analysis and closure
- Drive corrective actions and improvements from internal/external audits and incidents
- Maintain and develop ISO 27001-compliant security policies (non-Engineering)
- Coordinate business-wide security awareness training (e.g., KnowBe4)
- Champion InfoSec awareness and lead monthly security meetings
- Complete InfoSec and risk sections of client due diligence questionnaires
- Support the development of a Trust Centre to streamline security responses
Requirements
- 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits
- A strong understanding of risk frameworks, internal controls, and compliance management
- Experience with audit coordination and ISMS documentation
- The ability to translate technical and regulatory language into business-friendly advice
- Working knowledge of privacy, AML, and business continuity requirements
- Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4)
- Exceptional communication, reporting and organisational skills
- Right to Work in South Africa (application form asks)
