Security Architect in Transactions domain ensuring cybersecurity for Payments and Financial markets. Collaborating with teams to enhance compliance and security practices.
About the role
- Security Compliance Engineer leading security compliance and audit activities for SaaS cybersecurity products. Collaborating across teams to ensure effective compliance and continuous improvement.
Responsibilities
- Translate ESG business objectives into actionable GRC strategies, leveraging deep product and team process understanding to create clear compliance strategies.
- Facilitate and complete all product certification activities, including financial stewardship and contract reviews as needed.
- Achieve and maintain certifications, proactively identifying and mitigating risks for continuous compliance.
- Support the ESG Product Security (ProdSec) team in security compliance activities (risk assessment, secure software development), providing expert guidance to enhance overall security posture.
- Author and maintain required certification documents.
- Communicate and translate certification requirements (ISO, SSAE 18, NIST, etc.) to engineering teams, providing expert guidance.
- Maintain current understanding of regulations; interpret and communicate changes and their implications to stakeholders.
- Track milestones, proactively manage risks, and drive solutions to completion.
- Drive completion of any customer supplier risk requests by leveraging existing information and resources.
- Monitor schedule deviations and develop corrective actions.
- Coordinate cross-timezone team activities, including occasional off-hours interaction.
- Lead the identification, evaluation, and implementation of automation tools and processes for security compliance activities, including evidence collection, control validation, and reporting.
- Develop and implement technical strategies for efficient and accurate evidence gathering, ensuring data integrity and audit readiness.
- Collaborate with engineering, ProdSec, and InfoSec teams to integrate security compliance requirements into CI/CD pipelines and automated testing frameworks.
- Identify opportunities for proactive risk identification and mitigation strategies across product lines, influencing product development and operational practices.
- Exercise good judgment in achieving compliance objectives and resolving audit findings.
- Independently manage and prioritize multiple security compliance projects, providing regular updates and data presentations to stakeholders.
Requirements
- Bachelor's degree and 8+ years of progressive experience in security compliance, audit, or program management, with a strong emphasis on cybersecurity products.
- Self-starter with Driver personality.
- Cybersecurity background, particularly cloud security.
- Proven experience project managing security compliance audit or certification projects.
- Ability to quickly grasp complex technical concepts and make them easily understandable.
- Ownership of delivery for planned, high-risk, and complicated projects.
- Driving projects from conception (planning) to completion (release).
- Ability to parse compliance language and translate into layman's terms.
- Coordinating audit activities, including evidence gathering and redaction.
- Demonstrated experience with scripting languages (e.g., Python, PowerShell) for automation of GRC processes (such as evidence gathering).
- Demonstrated ability to work autonomously and manage multiple priorities effectively in a fast-paced environment.
Benefits
- Medical, dental and vision plans
- 401(K) participation including company matching
- Employee Stock Purchase Program (ESPP)
- Employee Assistance Program (EAP)
- company paid holidays
- paid sick leave and vacation time
- Paid Family Leave and other leaves of absence.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Modern Infrastructure and Security Architect at MUFG responsible for directing cyber security initiatives. Collaborating with engineers to enhance security features and tools across the organization.
Senior Federal Technical Program Manager driving execution of federal cloud operations. Facilitating engagements between HPE's CSP and MSP teams while ensuring compliance and operational efficiency.
Cloud Cybersecurity Engineer supporting multi - cloud environments for critical missions in alignment with the U.S. Air Force. Roles include overseeing security authorizations and collaborating with government teams.
Program Security Manager overseeing security and compliance for mission applications in the US. Managing security programs and leading facility operations at Aurora and Philadelphia locations.
Information System Security Manager providing cybersecurity and RMF support for DoD systems and applications. Collaborating with military, government, and contractor personnel to ensure national security and systems compliance.
AI Security Engineer focusing on identifying and mitigating AI vulnerabilities. Involves research, development, and implementation of adversarial machine learning algorithms.
Vice President overseeing DHS & National Security Accounts at ITC Federal. Driving growth, managing P&L, and building strategic relationships across federal contracting.
Information Systems Security Officer role at AMERICAN SYSTEMS ensuring automated information systems security and compliance. Supporting federal government contracts with a focus on information technology solutions.
Information Systems Security Officer ensuring security for national priority programs at AMERICAN SYSTEMS. Overseeing automated information systems and providing security coordination for compliance and vulnerability management.