We are looking for an experienced individual to join our information and cyber security team and take point on security governance, risk, assurance and compliance.
Help us govern information security through policies, training, establish vendor's security assurance, and advance our business toward security and privacy compliance licenses and audits.
- Leading our 3rd party risk assessment program, assessing our vendors questionnaires, compliance and their attack surface
- Responsible of our security awareness program, preparing general and teams dedicated trainings, quizzes and campaigns
- Take part of the company governance, regulations and compliance efforts
- Recommend information security policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements
- Answer company prospects security questions and questionnaires supporting the company operations
- Part of the Cyber & Information security team, taking active role in the security operations of the company
- 3+ years of experience in an Information Security position in finance, technology or consulting companies.
- Background and experience in information technology, engineering or other technological roles.
Experienced with the following
- Experience with security & privacy standards and regulations such as SOC 1, SOC 2, ISO 27001, GDPR, CCPA, etc.
- Vendor Security Assessments
- Risk Management
- Security Policies
- Conducting Security Audits or being directly audited
- Client security RFIs/questionnaires
- Cloud Security (AWS, Azure and other cloud solutions)
- Strong social skills or very experienced with delivering in person training
- Experienced with Incident Response, Vulnerability Management & Security Solutions
- Industry security certifications, relevant security educations or courses - Advantage
- Hands-on experience & expertise at Microsoft windows endpoint and server operating systems and infrastructure security - Advantage
- Hands-on experience with Cloud services; AWS - Advantage
- People person; you connect to people fast, people tend to like you, you are patient and empathic about your colleagues
- Autodidact; you have taught yourself much, you can learn on the fly and don’t necessarily need direction
- Willing to take ownership and responsibility for high impact responsibilities and projects, even when extreme effort, complex cross-team factors are necessary