Information Security and Compliance Officer - ref. a56099503
Alohi SA brings together a team of highly competent engineers that focus on merging state-of-the-art technologies with compelling user experience in order to simplify and enhance life for companies and people around the world. The company provides Sign.Plus (a legally binding electronic signature), Fax.Plus (online faxing), and Scan.Plus (AI-powered mobile scanner) services to over 4,000,000 customers worldwide.
At Alohi, we began our journey with an initial seed investment from Fongit “Fondation Genevoise pour l’Innovation Technologique” which is backed by the state of Geneva. But instead of relying on external funding to fuel our growth, we’ve chosen to bootstrap our way to success. This approach has allowed us to prioritize our customers and build products that truly meet their needs, without being beholden to outside investors. By remaining financially independent, we’ve been able to maintain our autonomy and agility, which have been key factors in our ability to innovate and stay ahead of the curve.
Job Description
We are looking for an experienced Information Security and Compliance Officer to design and enforce policies and procedures that protect our customers’ data from all forms of security breaches. You will be responsible for implementing policies and procedures aligned with standards, frameworks and regulations, including but not limited to ISO 27001, SOC 2, HIPAA and GDPR.
Responsibilities
- Ensure ongoing compliance with ISO 27001, SOC 2, HIPAA, GDPR, and other applicable frameworks.
- Implement and enhance policies and procedures aligned with industry standards and regulations.
- Conduct regular assessments to verify and validate compliance efforts.
- Manage and review vendor paperwork, ensuring compliance with legal and regulatory requirements.
- Apply effective risk management techniques and offer proactive advice on possible legal issues.
- Communicate and negotiate with external parties (regulators, auditors, external counsel, public authorities, etc.), building relationships of trust.
- Proven experience in a compliance role, preferably in a similar industry.
- Knowledge of ISO 27001, SOC 2, HIPAA, GDPR, and PHIPPA.
- Solid knowledge of various information security frameworks
- Experience participating in compliance audits and investigations
- Ability to educate a non-technical audience about various security measures
- Outstanding communication skills
- MA or BSc in Business Administration will be considered an advantage
- Fluent in English (both written and spoken)