PurpleBox, Inc.
Empower Your Team with Managed Services to Successfully Detect, Protect, Respond, & Recover from Cyberattacks 🖥
devops • isaca • cloud • information technology security • cyber risk
11 - 50
Information Security Risk and Compliance
October 10, 2023
Cloud
DevOps
PurpleBox, Inc.
Empower Your Team with Managed Services to Successfully Detect, Protect, Respond, & Recover from Cyberattacks 🖥
devops • isaca • cloud • information technology security • cyber risk
11 - 50
Description
• Manage and execute the day-to-day information security risk and compliance operational activities • Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization • Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders • Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items. • Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements • Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents • Provides regular reporting metrics on the current state of the program. • Other duties as assigned
Requirements
• Bachelor’s degree in Computer Science, Information Technology, Business Administration, or related field • Experience in information security risk assessment, compliance and/or security operations • Previous experience in one or more of the areas below is a plus: - IT Security Strategy and Management - Risk Management, IT Audit, and Compliance - Network, System, Database administration, support and/or help-desk experience - Application Security, Software Development - Security Monitoring, Data Loss Prevention, Incident Response • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. • Strong analytical skills to analyze security requirements and relate them to appropriate security controls. • Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF. • Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus.
Benefits
• Competitive salary • Opportunities for growth and advancement • Comprehensive healthcare coverage • Retirement savings plan • Paid time off and holidays • Company culture focused on innovation and collaboration
Apply Now
