Staff Software Engineer on Vulnerability Management team at Salesforce, driving security tooling strategy and automation for detecting and remediating vulnerabilities. Collaborate with cross - functional teams while providing mentorship and delivering high - quality engineering solutions.
About the role
- Sr Information Security Compliance & Audit Analyst supporting ISO27001 compliance and audit activities. Manage IT compliance activities across North and Central America at Ingram Micro.
Responsibilities
- Manage and Support IT compliance activities for regional information security support of ISO27001 auditing, reporting and remediation where appropriate
- Coordinate and communicate IT compliance activities to align with Global Information Security leadership in support and improvement of ISO27001 management system
- Ensure regional Information Security compliance to Information security standards (ISO27001) requirements
- Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach
- Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures
- Execute operational activities to support IS audit and compliance activities including technical validation processes
- Execute collection of evidence to support compliance status
- Provide and present reporting including monthly metric delivery
- Manage escalation and enforcement for unresolved noncompliance issues
- Manage and Support External Audit activities and reporting
- Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives
- Support compliance and security validation of all 3rd party IT providers
- Maintain strong working relationships with internal and external support teams including Global, Regional and Country Information Security associates
- Work on special projects as required by management
- Stay abreast of changes within the Information Security compliance areas including business change requirements and regulatory changes from an international perspective
- Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations
- Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements
Requirements
- Bachelor’s degree in computer science, engineering, or related science and math discipline with an information security or business emphasis
- A minimum of 5 years of experience with IS compliance projects (specifically ISO27001)
- Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption
- Strong understanding of TCP/ IP and other network protocols
- Understanding of the basic audit best practices, standards and methodologies
- Ability to formulate detailed technical documentation preferred
- ASQ Certified Engineer, Auditor or OE Managers preferred
- Experience using SharePoint, MS Excel, Word, PowerPoint and Visio
- Must possess a valid passport and be legally allowed to leave and return to originating country.
Benefits
- Healthcare benefits
- Paid time off
- Parental leave
- 401(k) plan and company match
- Short-term and long-term disability coverage
- Basic life insurance
- Wellbeing benefits
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Data Center Security Officer responsible for conducting patrols and controlling access. Ensuring security and safety in data center facilities while monitoring surveillance and reporting issues.
Senior Security Auditor managing audit program operations for global security audits at NTT DATA. Focusing on coordinating, executing audits, producing reports and tracking remediation.
Security Architect in Transactions domain ensuring cybersecurity for Payments and Financial markets. Collaborating with teams to enhance compliance and security practices.
Modern Infrastructure and Security Architect at MUFG responsible for directing cyber security initiatives. Collaborating with engineers to enhance security features and tools across the organization.
Senior Federal Technical Program Manager driving execution of federal cloud operations. Facilitating engagements between HPE's CSP and MSP teams while ensuring compliance and operational efficiency.
Cloud Cybersecurity Engineer supporting multi - cloud environments for critical missions in alignment with the U.S. Air Force. Roles include overseeing security authorizations and collaborating with government teams.
Program Security Manager overseeing security and compliance for mission applications in the US. Managing security programs and leading facility operations at Aurora and Philadelphia locations.
Information System Security Manager providing cybersecurity and RMF support for DoD systems and applications. Collaborating with military, government, and contractor personnel to ensure national security and systems compliance.
AI Security Engineer focusing on identifying and mitigating AI vulnerabilities. Involves research, development, and implementation of adversarial machine learning algorithms.