Security & Compliance Manager

View full description

Requirements:

• Minimum 2+ years in a People Manager role of a Security team with experience in growing individuals.
• Minimum 5+ years of continuous experience in Cyber Security, along with experience in Engineering, Operations, and/or Compliance.
• Experience in Vendor Management and buy versus build decisions.
• Deep technical knowledge of Cyber Security, DevOps, and InfraOps preferred.
• Understanding of Security Architecture principles like Defense-in-Depth, Secure by Design, Zero Trust.
• Experience with environments like Azure, AWS, and Private Cloud.
• Knowledge of technologies including IaC, SDN, Firewalls, Servers, Containers, Serverless, Endpoints, Collaboration.
• Familiarity with Security Program Phases: Risk Assessment, Architecture and Design, Implementation, Operations, and Monitoring.
• Strong organizational and leadership skills; capable of communicating technical information to non-technical audiences.
• Certification in at least one of CISA, CISM, or CISSP.
• Knowledge of NIST, CIS, ISO, OWASP standards and best practices.
• Experience with Microsoft Defender, Rapid7, CoalFire, and Trivy are positives.

Responsibilities:

• Lead the daily operations of the Security Engineering and Compliance department.
• Advise executives on strategies for optimizing the security of data, systems, and processes.
• Review and update security and privacy policies and roadmaps.
• Design, implement, manage, and automate cybersecurity solutions.
• Conduct thorough security assessments and risk analyses.
• Collaborate with teams to integrate security practices into development lifecycles.
• Monitor and respond to security incidents and conduct investigations.
• Stay abreast of emerging threats and implement countermeasures.
• Develop and deliver cybersecurity training programs for staff.
• Evaluate and recommend technologies to enhance the cybersecurity posture.
• Conduct regular security audits and assessments to ensure compliance.