Overview
Hybrid
Depends on Experience
Full Time
25% Travel
Skills
GRC
IAM
Security
SOC
Job Details
Responsibilities:
- Develop and implement security governance, risk management, and compliance (GRC) strategies, policies, and procedures in line with industry standards and regulations
- Monitor and assess potential security risks and vulnerabilities, and develop mitigation plans to prevent and address potential threats
- Collaborate with cross-functional teams to ensure security requirements are integrated into all stages of product development and deployment
- Manage and maintain security compliance certifications and audits, ensuring timely completion and accuracy of all required documentation
- Stay updated on industry best practices and regulations related to security and GRC, and make recommendations for improvements to existing processes and procedures
- Conduct regular security trainings and awareness programs for employees to promote a culture of security and compliance
- Lead incident response efforts in case of security breaches or incidents, and provide post-incident analysis and recommendations for future prevention
- Manage relationships with external auditors, regulators, and other stakeholders to ensure compliance with all applicable security standards and regulations
- Communicate regularly with senior management and other stakeholders to provide updates on security and compliance initiatives and address any concerns or issues
- Stay informed about emerging security technologies and trends, and make recommendations for their adoption if relevant to the organization's security strategy
- Supervise and mentor junior team members, providing guidance and support in their professional development
- Collaborate with sales and marketing teams to communicate the organization's security and compliance measures to potential and existing customers
- Participate in customer meetings and presentations to address any security or compliance inquiries
- Maintain and continuously improve the organization's security incident response plan
- Conduct regular internal audits and risk assessments to ensure ongoing compliance and identify any potential areas for improvement
Qualifications:
- 10+ years of experience in information security leadership, GRC, and product security
- 7+ years of experience in leading and managing security teams (offshore & onsite)
- Proven track record of building and implementing successful security programs including SOC
- Proven knowledge of IT GRC frameworks such as COBIT, ISO 27001, NIST, etc.
- Experience building and operating a security incident response program
- Ability to build meaningful partnerships across diverse geographies and cultures
- Strong understanding of product security best practices and industry standards
- Excellent communication, presentation, and interpersonal skills
- Ability to work effectively in a global environment, and experience with international customers
- Strong analytical and problem-solving skills