Review & validate the security controls across all the in-scope regulations/frameworks
Improve the security risk posture to keep following current threat landscape, enterprise strategy/initiatives and current regulatory requirements at least annually.
Drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to partners and their leadership regarding their open items
Be a subject matter expert and guide during customer and supplier contract negotiations (Procurement or Legal-led negotiations)
Support implementing appropriate security controls to support the compliance and risk requirements of the enterprise, the product suite, and customers.
What We'd Like to See
At least 1 IT Security certification required (ISO 27001, ISC2 CC etc)
Knowledge of the common security domains, industry standards.
Experience with common security and privacy frameworks (i.e., ISO 27001/2, SOX IT Controls, SOC2 Trust Principles, PCI-DSS, HIPAA, GDPR, NIST 800-53, FedRAMP, CIS18)
Concepts to your team and IT.
Demonstrated experience with controls definition, development, and assessment.
Role Essentials
A nature to varying environments and cultures. Excited about working with a GRC team that encourages cross-training and occasionally supporting other functions inside the team (supplier trust, key compliance efforts, training, etc.)
Able to manage assignments and efficiently prioritise
Experience in documenting and contributing to the development of security plans, compliance process flows and process creation
BA/BS or equivalent educational background, we will consider an equivalent combination of relevant education and experience
Minimum 2+ years of relevant professional experience
Perks & Benefits
Comprehensive health, vision, and wellness benefits (Paid parental leave, adoption benefits, life insurance, disability insurance and 401k plan or international pension/retirement plans
Flexible time-off policy and hybrid working practices
Tuition reimbursement program to support your and personal growth
Equity opportunities and an employee stock purchase program (ESPP)
Comprehensive Mental Health and Employee Assistance Program (EAP) benefit