About Bitdefender
Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, enterprise, and government environments, Bitdefender is one of the industry’s most trusted experts for eliminating threats, protecting privacy, digital identity and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers hundreds of new threats each minute and validates billions of threat queries daily. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence and its technology is licensed by more than 180 of the world’s most recognized technology brands. Founded in 2001, Bitdefender has customers in 170+ countries with offices around the world. For more information, visit https://www.bitdefender.com
Job Description
Scope:
The Compliance Specialist will support Bitdefender’s compliance and audit activities, ensuring that our projects, products, and services meet industry standards, including GDPR, SOC 2 Type II, and various ISO certifications. This role involves providing assistance during internal and external audits, collaborating with teams across the organization, engaging with multiple systems, tools, and processes.
Experience Level:
This is a medium-level position, requiring 3 to 4 years of experience in project management, auditing, or a related field. Familiarity with key compliance standards is essential, and additional knowledge of other regulatory frameworks is advantageous.
Core Responsibilities:
Act as a liaison between technical teams and both internal and external auditors, organizing audit materials and preparing for certification renewals. Conduct internal reviews and spot checks in targeted areas to assess adherence to organizational standards and policies, addressing compliance issues as they arise. Facilitate the remediation of any gaps identified through internal and external audits, ensuring that corrective actions are effectively implemented. Support the organization’s audit readiness efforts by coordinating essential controls, maintaining documentation, and providing guidance to relevant teams on compliance standards.
Regulatory Compliance, Documentation, and Implementation Monitoring:
Ensure that Bitdefender’s product portfolio aligns with GDPR and other data privacy regulations, promoting compliance across all regions where our products are marketed. Collaborate with product teams to address compliance requirements specific to EU and other regional standards, adapting as needed for local regulatory environments. Oversee the planning and implementation of compliance requirements across both internal and client-facing products and services, ensuring that all relevant controls are integrated effectively. Develop and maintain documentation on compliance metrics, audit findings, and corrective actions, and implement tracking systems to monitor ongoing adherence.
Process and Policy Review, Risk Assessment, and Improvement:
Conduct routine risk assessments to identify potential areas of non-compliance, proposing strategies to mitigate identified risks. Review, monitor, and update internal processes and workflows to ensure they comply with ISO 9001, ISO 27001, SOC 2 Type II, GDPR, and other regulatory standards. Work closely with cross-functional teams to integrate compliance requirements into operational processes, aligning workflows with audit standards while minimizing any impact on the development timeline.
Cross-Departmental Collaboration and Coordination:
Coordinate compliance initiatives across departments, promoting consistent application of policies and standards throughout the organization. Serve as a key point of contact for compliance-related policies, encouraging collaboration across teams to support uniform application of standards and practices. Conduct and facilitate internal training sessions to enhance understanding of both compliance standards and internal policies, ensuring teams are well-prepared to meet audit and regulatory expectations.
Key Competencies and Experience:
Audit and Compliance Knowledge: Knowledge of core compliance standards, including ISO 9001, ISO 27001, SOC 2 Type II, and GDPR. A deeper understanding of one or more of these standards is highly beneficial.
Insight into Software Development Lifecycle: Familiarity with the software development lifecycle (SDLC), particularly in agile environments, to support integration of compliance within a high-paced development process.
Project Management Experience: Previous experience as a project manager in a technology-focused setting is a strong plus, bringing valuable skills in managing timelines, resources, and interdepartmental collaboration.
Technical, Problem-Solving, and Process Improvement Skills: Ability to proactively identify compliance risks, utilize data-driven insights to support continuous improvement, and recommend enhancements to strengthen processes.
Effective Communication and Collaboration: Strong interpersonal skills with an ability to communicate clearly across departments and work effectively with both internal and external stakeholders.
Education and Qualifications:
Bachelor’s degree in Information Technology, or certification in Auditing, Compliance, Process Management, or a related field. 3 to 4 years of experience in project management, auditing, or managing complex compliance processes, preferably in a technology environment. Relevant certifications (e.g., CISA, CISM, ISO 27001 Lead Auditor) are a plus. Familiarity with frameworks such as ITIL and ISO 20000 is advantageous.
Key Deliverables:
Conduct internal reviews and actively support audit preparation for certification renewals. Create and maintain clear and comprehensive documentation on compliance controls, audit findings, and corrective actions. Deliver regular reports to senior management on compliance metrics and audit outcomes. Oversee and support the implementation of audit-driven requirements, ensuring that Bitdefender’s agile development practices align with regulatory standards.