Cyber Security Engineer V - Ava Consulting
San Jose, CA
About the Job
Security Compliance Engineer - AWF
The Global Information Security team is responsible for driving security compliance activities for *** Payments, Marketplaces, Corporate IT, and adjacent businesses. The Security Compliance Analyst will play a critical role working directly with business leaders to understand security compliance issues, lead technical compliance assessments and mitigation efforts, and develop effective remediation programs and actions to resolve compliance issues.
Key Responsibilities
Ability to provide pragmatic guidance to business leaders and stakeholders that effectively balances security compliance risks with the needs of the business.
Contribute to the growing information security and compliance program at ***, including performing security compliance audits, identifying problems and areas for process improvement
Work closely with internal business units and relevant departments to assess compliance and where necessary, provide support in remediating non-compliant areas
Have a deep understanding of security controls, underlying business processes, concepts, practices, and tools used to promote adoption of applicable security standards
Advise management on specific security requirements, implementations and the impact on business processes, applications and systems as needed
Generate periodic reports to teams and senior stakeholders and make practical recommendations to improve security practices
Research and extract insights from industry standards and trends, apply them to the scope of internal controls and improve security practices and compliance in the company
Facilitate organizational adoption of new security controls, standards and best practices through thoughtful change management strategies
Document security/technology control requirements and develop methods to meet new cyber security and compliance needs and requirements as needed.
Coordinate compliance and audit activities with other groups.
Requirements
7+ years of security and compliance experience. Experience in eCommerce, Payments, or Technology space a plus
Experience with/understanding of PCI DSS, SOC 2, ISO 27001, NIST and/or other industry standard control frameworks.
Experience with managing third party audits including working with internal teams to collect evidence to be used in an audit.
Strong technical understanding of security compliance requirements and solutions, as well as threats and challenges impacting the protection of information across an extended global enterprise.
Possess general knowledge of networking, encryption, authentication, payment infrastructure, cloud infrastructure and application security
Capable of flexing between high level strategic concepts & frameworks to tactical operational implementation
Self-starter with a bias towards action and can thrive in a fast-paced and ambiguous environment
Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation
Strong teamwork skills with a demonstrated ability to collaborate across teams and roles
The Global Information Security team is responsible for driving security compliance activities for *** Payments, Marketplaces, Corporate IT, and adjacent businesses. The Security Compliance Analyst will play a critical role working directly with business leaders to understand security compliance issues, lead technical compliance assessments and mitigation efforts, and develop effective remediation programs and actions to resolve compliance issues.
Key Responsibilities
Ability to provide pragmatic guidance to business leaders and stakeholders that effectively balances security compliance risks with the needs of the business.
Contribute to the growing information security and compliance program at ***, including performing security compliance audits, identifying problems and areas for process improvement
Work closely with internal business units and relevant departments to assess compliance and where necessary, provide support in remediating non-compliant areas
Have a deep understanding of security controls, underlying business processes, concepts, practices, and tools used to promote adoption of applicable security standards
Advise management on specific security requirements, implementations and the impact on business processes, applications and systems as needed
Generate periodic reports to teams and senior stakeholders and make practical recommendations to improve security practices
Research and extract insights from industry standards and trends, apply them to the scope of internal controls and improve security practices and compliance in the company
Facilitate organizational adoption of new security controls, standards and best practices through thoughtful change management strategies
Document security/technology control requirements and develop methods to meet new cyber security and compliance needs and requirements as needed.
Coordinate compliance and audit activities with other groups.
Requirements
7+ years of security and compliance experience. Experience in eCommerce, Payments, or Technology space a plus
Experience with/understanding of PCI DSS, SOC 2, ISO 27001, NIST and/or other industry standard control frameworks.
Experience with managing third party audits including working with internal teams to collect evidence to be used in an audit.
Strong technical understanding of security compliance requirements and solutions, as well as threats and challenges impacting the protection of information across an extended global enterprise.
Possess general knowledge of networking, encryption, authentication, payment infrastructure, cloud infrastructure and application security
Capable of flexing between high level strategic concepts & frameworks to tactical operational implementation
Self-starter with a bias towards action and can thrive in a fast-paced and ambiguous environment
Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation
Strong teamwork skills with a demonstrated ability to collaborate across teams and roles
Source : Ava Consulting