This is a full time on-site position with the Compliance and Security Team, working to meet organizational objectives pertaining to information security. This position is responsible for compliance with risk assessment, risk treatment, vendor qualification and audit support activities. This position requires the ability to work independently on multiple concurrent complex projects. Success
in this position is largely dependent on the ability to monitor, organize and facilitate the implementation of security controls and have an effective understanding of the organization’s security policies.
Responsibilities:
- Perform risk assessments across a distributed organization.
- Work with stakeholders to identify risks and recommend risk treatment solutions.
- Work with risk owners in treatment activities using project management methodologies.
- Perform vendor evaluations and qualification based on established policies.
- Ensure compliance with ISO 27001 risk management process.
- Implements security procedures in order to comply with various compliance standards including ISO 27001:2013 and SOC 2.
- Participate in audit activities, preparation and evidence collection.
- Perform regular review and reporting activities.
- Communicate regular status on all activities and initiatives.
Qualifications
- Bachelor of Science in Computer Science (or related field) or equivalent experience.
- Understanding of AWS network and security technologies including VPC, EC2 and IAM.
- Knowledge of AWS Security Best Practices and implementation strategies.
- Knowledge of TCP/IP fundamentals, routing, encryption and firewall security concepts.
- Familiarity with one or more compliance frameworks (ISO 27001, SSAE18, FISMA, PCI-DSS, HIPAA).
- One or more information security certifications (CISSP, CISM, GIAC GSEC, OSCP, CompTIA Security+).
- Experience working directly with customers preferred.
- PMP certification a plus.
- Excellent oral and written communication skills.
- One or more additional security certifications.
What you’ll earn:
- Competitive compensation.
- Comprehensive health benefits package.
- 401(k) plan with employer match.
- Healthcare and dependent-care flexible spending account.
- Company short-term and long-term disability insurance.
- Company culture that recognizes its employees.
- Room for growth and development and management that cares about your professional growth and will help you achieve your goals.
- Significant advancement opportunities for outstanding performers.