Security Engineer – Compliance

🕒 Fevereiro 11

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Berkeley Research Group (BRG)

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

💰 Venture Round em 2020-07

A BRG combina credenciais acadêmicas de renome mundial com expertise empresarial testada em campo, criada para agilidade e conectividade, o que nos diferencia e coloca nossos clientes à frente. Nossos especialistas de primeira linha incluem líderes experientes da indústria, acadêmicos renomados e cientistas de dados pioneiros. Juntos, eles trazem uma diversidade de experiências comprovadas do mundo real para economia, disputas e investigações; finanças corporativas; e serviços de melhoria de desempenho que abordam os desafios mais complexos para organizações ao redor do mundo. Nossa estrutura única nutre os relacionamentos interdisciplinares que nos dão a vantagem, estabelecendo as bases para insights mais informados e pensamentos mais originais e incisivos de perspectivas diversas que, quando combinados com nosso alcance e recursos globais, nos tornam exclusivamente capazes de enfrentar os desafios de nossos clientes.

Descrição

• Own, manage, and support the application of key compliance frameworks (SOC 1 and 2, ISO 27001, CSA STAR, NIST CSF, etc). • Develop, control, and maintain applicable organizational policies, procedures, best practices, and guides associated with key compliance requirements and in support of annual audits. • Assist in the development and implementation of an internal audit program designed to measure the effectiveness of organizational processes and procedures, assess organizational adherence to those processes and procedures, identify opportunities for organizational and systemic process improvement, and alert the organization about emerging risks to the comprehensive compliance program. • Support the Risk Management Program making risk-based decisions an integrated part of the cultural landscape, including: risk identification, risk mitigation, risk monitoring, risk reporting, and documentation of risk realization and/or retirement. • Work closely with the Security Operations (SecOps) team to ensure security functions meet operational compliance requirements and will meet/exceed independent annual audit standards. • Ensure technical, operational, and administrative controls are fully operable and meet standards necessary for SOC 1 and 2 audits. • Support Quarterly Access Reviews (QARs) as part of the larger User Access Request process.

🎯 Requisitos

• 5+ years of proven work experience as a System or Information Security Engineer, Compliance Engineer, or Risk Engineer • Detailed technical knowledge of compliance frameworks and their application across systems and organizations • Thorough understanding of the latest security principles, techniques, and protocols • Problem solving skills and ability to work under pressure • Experience with compliance frameworks (e.g., SOC 1 and 2, ISO 27001, CSA STAR, NIST CSF) • Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and network/web related protocols • Experience with cloud services (Microsoft 365, SharePoint Online, Microsoft Azure, and Amazon Web Services) • Operational understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content. • Strong risk background including risk identification, adjudication, and mitigation development experience

🏖️ Benefícios

• Health technology solutions • Flexible working environment • Opportunities for personal growth • Collaborative team culture