Description

  • Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we comply with. 
  • Perform targeted gap assessments to identify any deviations from the control framework. 
  • Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk. 
  • Partner with other InfoSec teams and Engineering teams to define and prioritize security initiatives and investments using a risk-based approach. 
  • Align risk management initiatives with applicable compliance regulations. 

Your experience should include...

  • 10+ years of experience in Information Security or related fields such as Information Technology, IT Audit, etc. 
  • 6+ years of progressive experience managing programs related to information security and information security audits. 
  • Experience building unified security controls frameworks. 
  • Experience managing audits utilizing compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2, etc.
  • Executive reporting on the status of security programs and campaigns. 
  • Experience in Security Engineering concepts such as Threat modeling, architecture reviews, etc. 
  • Experience with auditing cloud infrastructure such as AWS.  

You might also have...

  • Bachelor’s degree in computer science or related field.
  • Certifications such as PCI ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc.

Education

Bachelor's degree