ZS

Compliance & Audit Administrator

Zscaler Softech
Pune | 3-13 LPA | Posted 18 Jun 2025
FULL TIME
Compliance
Audit
Risk Assessment
SOX
NIST

Job Description

  • Perform audits in accordance with the plan based on various control frameworks and standards;
  • Establish, monitor, document, and update compliance controls and findings;
  • Create remediation plans based on findings and initiate projects, as necessary, in order to meet commitments made within remediation plans;
  • Participate in client-directed audit and compliance initiatives, including but not limited to SAS 70 (SSAE 16) audits, client SOX audit assistance requests and Vendor Data Security and Privacy assessments;
  • Develop and update IT Policies, process maps, templates and supporting change management tools, as often as needed;
  • Assist in the development of training material in support of enterprise-wide IT Policy adoption; participate in compliance training workshops, as needed;
  • Monitor compliance with existing IT Policies and supporting tools;
  • Liaise with ZS Client Teams and the ZS SaaS Hosting Team Manager to ensure that all mutually agreed upon business operations SLAs are met;
  • Plan and participate in DR planning and testing;
  • Assist with vendor review and selection in support of on-going internal and client-directed compliance initiatives;
  • Assist the Legal team with the review of client contracts as it relates to technology specific compliance requirements;
  • Assist the Legal team with the interpretation of various US and EU laws and technical compliance directives and determine potential impact to the organization.
  • Assist with the completion of client RFPs and RFIs as it relates to compliance;
  • Work with IT, consulting, SD Group and legal teams on compliance standards;
  • Security and compliance projects as assigned.

What you'll bring:

  • 2 years of information systems experience with audit planning, risk assessment, and reporting/documentation
  • Hardware, software, and networking information technologies
  • IT security, controls, practices, and procedures
  • Working knowledge of various control frameworks, such as those listed below, is desirable:
      • COBIT: Control Objectives for Information and Related Technology
      • ISO/IEC 27002:2005: Code of Practice for Information Security Management
      • ITIL: Information Technology Infrastructure Library
      • SOX: Sarbanes-Oxley
      • HIPAA / HITECH: Health Insurance Portability and Accountability
      • SAS 70: Statement of Auditing Standards No. 70
      • SSAE 16: Statement on Standards for Attestation Engagements
      • PCI DSS: Payment Card Industry Data Security Standard
      • ISAE 3402: International Standard for Assurance Engagements
      • NIST: National Institute of Standards and Technology
  • Disaster Recovery planning and testing