Senior Information Security Compliance Engineer

About The Position

Requirements

• Bachelor's Degree in Information Security and Assurance, Computer Science, Cybersecurity or related field required
• Minimum 5+ years of extensive all-round experience in the field of Cybersecurity with expertise in security compliance and audit
• Knowledge of common information security management frameworks, such as ISO/IEC 27001 or related and NIST Cybersecurity Framework (NIST CSF).
• Familiarity with identity and access management (IAM), endpoint protection, SIEM, and vulnerability management systems.
• Proven experience in information security, particularly within auditing, compliance and risk management.
• Strong communication and interpersonal skills, including executive communication to senior leadership with focus towards building bridges with key collaborators.
• Strong critical thinking and problem-solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity.
• Security compliance frameworks and audits - Cloud and infrastructure security controls
• Auditing/Assurance experience
• Risk assessment and remediation planning
• Analytical thinker with strong problem-solving skills.
• Detail-oriented with a strong focus on accuracy and the ability to manage multiple priorities.
• Strong understanding of policy and procedure development and implementation

Nice To Haves

• Master's Degree Information Security and Assurance, Computer Science, Cybersecurity or related field preferred
• Experience with cloud security, encryption technologies, and network security protocols preferred.
• Preferred Certifications: CISSP, CISM, CISA, CRISC, Cloud (AWS or Azure)

Responsibilities

• Conduct regular security assessments and audits in collaboration with security architect
• Supervise compliance across various IoT products and cloud platforms.
• Coordinate internal and external audits and remediation tracking
• Lead and support frameworks including NIST 800-53, ISO 27001, FedRAMP, GDPR, EU CRA
• Implement and validate security policies, standards, and procedures in alignment with compliance obligations.
• Support risk assessments by identifying gaps in security controls and proposing remediation plans.
• Maintain and improve the cybersecurity policy framework.
• Evaluate and recommend tools for control automation and monitoring
• Collaborate with various platform teams to ensure technical security controls meet compliance requirements.
• Participate in vendor and third-party risk assessments.
• Continuously supervise security compliance metrics and key performance indicators (KPIs) for specific product families.
• Experience in writing policy and process design for compliance programs.
• Provide guidance on continuous improvement of the compliance monitoring program.

Benefits

• base salary (subject to performance)