Project Manager (compliance security assessments)

Prowess Consulting

6d•$95,000 - $105,000•Remote

About The Position

Prowess Consulting is a consulting firm specializing in helping large technology enterprises define, manage, benchmark, and market their solutions and services. The firm invests time to deeply understand clients' technologies, customers, and market strategies, with a team of technology and marketing experts immersed in relevant trends. As a security compliance manager, you will be crucial in driving the development and compliance of key features for the client's products. This involves working with cross-functional teams to ensure features meet security and compliance standards for preview and external releases. Responsibilities include coordinating with software engineering and compliance teams, managing compliance assessments, and resolving compliance issues. This is a three-month, full-time remote role, requiring collaboration with teammates in the Pacific time zone. Candidates must reside in one of the specified states: Alabama, Arizona, California, Colorado, Connecticut, Georgia, Illinois, Iowa, Michigan, Minnesota, Mississippi, Missouri, New Jersey, New York, North Carolina, Oregon, Pennsylvania, South Carolina, Texas, Utah, Virginia, or Washington.

Requirements

3-4+ years of Program Management experience necessary
Strong interpersonal and written communication skills
Demonstrated ability to own and drive programs and initiatives by working through ambiguity with a large amount of flexibility
Familiarity with cybersecurity, risk management and audit best practices required
Strong understanding of security and supply chain concepts, standards, and control frameworks
Strong understanding of regulatory frameworks, such as NIST, ISO and CIS, and the ability to interpret requirements into actionable workstreams
Good track record of working collaboratively and effectively with senior leaders and teams across organizational boundaries
Experience influencing others without authority
Experiences building PowerBI dashboards or producing dashboard specifications
Must have stellar organizational skills and be able to work well with multiple technical groups and stakeholders in multiple areas

Nice To Haves

Working experience with Cyber EO and/or Cyber Resilience Act (CRA) is strongly desired
Experience using a variety of tools to manage compliance such as S360, ADO are desired

Responsibilities

Drive end to end execution of security assessments that include: Creating assessment questionnaires, Conduct kickoffs, review assessment responses, and identify risks/control gaps from a risk management perspective, Perform risk scoring exercise and maintain risks in the risk register
Track implementation (and adherence) of security requirements across engineering groups/teams
Collaborate with partner teams to build continuous monitoring capabilities/reports for security requirements
Validate compliance to security requirements and drive compliance sign off process for upcoming releases
Coordinate with partner teams on security scope and finalize implementation requirements
Support strategy and roadmap development for existing and emerging cybersecurity certification and/or regulatory requirements for internal/external audit needs
Support risk management process enhancements
Support the development and ongoing maintenance of Standard Operating Procedures (SOPs)
Work with assigned groups to ensure security compliance
Create and maintain risk dashboards using Power BI or similar tools and report to leadership
Socialize risks/control gaps with service owners
Support certification and audit preparation efforts for internal and external regulatory requirements.
Drive execution of Security Compliance frameworks (NIST, SDLC, etc.)