Senior Security Assurance Manager

Vaga não está no LinkedIn

🕒 5 dias atrás

⚔️ Virginia, Washington – Remoto

⚔️ Virginia – Remote ☕ Washington – Remote

💵 $170.000 - $230.000 / ano

⏰ Tempo Integral

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Trase

SiteLinkedInTodas as Vagas

11 - 50 funcionários

Fundada em 2023

🤖 Inteligência Artificial

🏢 Corporativo

Artificial Intelligence • Enterprise • Healthcare

A Trase é uma plataforma de Agentes de IA projetada para simplificar e acelerar a adoção de IA para negócios. A Trase ajuda líderes empresariais a superar a complexidade de construir e implantar capacidades de IA, fornecendo soluções integradas, adaptáveis e personalizadas para atender necessidades específicas do negócio. A plataforma é particularmente adequada para usuários corporativos em setores como saúde, ciências da vida e energia. Ela apresenta um sistema multiagentes com integrações profundas em fontes de dados, permitindo que as empresas adotem tecnologias de IA de ponta sem a necessidade de talentos especializados internos. A Trase foca em transformar fluxos de trabalho empresariais complexos e aumentar a produtividade através de seus agentes de IA, garantindo que a implantação e a segurança sejam geridas de forma transparente.

Descrição

• Own and operate Trase's SOC 2 and HIPAA programs end-to-end, including scoping, control design, evidence collection, and remediation tracking. • Lead readiness and execution for additional frameworks as Trase enters new markets, including ISO 27001, FedRAMP, NIST 800-53, CMMC, and ISO 42001. • Manage the full lifecycle of internal and external audits, serving as the primary point of contact for auditors, assessors, and regulators. • Maintain Trase's enterprise risk register, conducting recurring risk assessments across people, process, and technology. • Design, document, and operationalize security policies, standards, and procedures aligned to industry frameworks and Trase's risk appetite. • Own our common control framework in Drata, monitoring and refining controls across overlapping regimes to minimize duplication and audit burden. • Shift Trase's compliance posture from reactive to proactive by implementing continuous control monitoring, automated evidence collection, and recurring control testing. • Define KRIs, KPIs, and reporting cadences that give leadership real-time visibility into the health of the security program. • Identify control gaps, perform root cause analysis, and drive remediation in partnership with control owners across the enterprise. • Enhance and operate Trase's third-party risk management program, including vendor security reviews, ongoing monitoring, and contractual security requirements. • Partner with Legal to ensure DPAs, BAAs, and security addenda meet regulatory and customer requirements. • Serve alongside other subject matter experts or leaders, as a senior representative in customer security reviews, RFPs, and prospect-facing trust conversations. • Maintain trust collateral (SOC 2 reports, security questionnaires, trust portal content) and reduce friction in customer due diligence. • Translate customer and regulator expectations into actionable program requirements. • Partner closely with peers within Trase Security and Compliance, Engineering, and across the enterprise to ensure controls are operating effectively, as designed. • Collaborate with Legal, HR, IT, and Finance on shared control ownership and program execution.

🎯 Requisitos

• 10+ years of progressive experience in security assurance, GRC, controls engineering, or information security audit roles, including several years in a senior or program-owning capacity. • Deep, hands-on experience owning or supporting SOC 2 and HIPAA programs end-to-end, including managing external auditors or internal assessors. • Strong working knowledge of additional frameworks including ISO 27001, FedRAMP (Moderate/High), NIST 800-53, NIST CSF, and CMMC, preferably with experience mapping or consolidating their underlying requirements within common control frameworks (CCF). • Demonstrated experience designing and operating continuous control monitoring programs to achieve situational awareness before issues materialize as findings in external contexts (e.g., audits). • Proven ability to author clear, defensible security policies, standards, procedures, and memoranda. • Strong risk management foundation, including hands-on experience conducting risk assessments and maintaining a risk register. • Experience leading customer-facing security reviews, RFP responses, and trust conversations with sophisticated enterprise buyers or partners. • Track record of partnering effectively with engineering and product teams to design controls into systems rather than around them. • Excellent written and verbal communication skills, with the ability to translate between auditors, executives, customers, and engineers. • Strong affinity and practical skill for working with LLMs and AI agents as part of your own workflow—clear judgment on when and how to deploy them to move quickly, orchestrate work, and operate with confidence.

🏖️ Benefícios

• Career track opportunity with potential for rapid advancement with strong performance as the firm grows • 100% employer paid, comprehensive health care including medical, dental, and vision for you and your family. • Paid maternity and paternity for 14 weeks at employees' normal pay. • Unlimited PTO, with management approval. • Opportunities for professional development and continued learning. • Optional 401K, FSA, and equity incentives available. • Mental health benefits are available through Tara Mind.