hireejobs
Register for Job
Hyderabad Jobs
Banglore Jobs
Chennai Jobs
Delhi Jobs
Ahmedabad Jobs
Mumbai Jobs
Pune Jobs
Vijayawada Jobs
Gurgaon Jobs
Noida Jobs
Oil & Gas Jobs
Banking Jobs
Construction Jobs
Top Management Jobs
IT - Software Jobs
Medical Healthcare Jobs
Purchase / Logistics Jobs
Sales
Ajax Jobs
Designing Jobs
ASP .NET Jobs
Java Jobs
MySQL Jobs
Sap hr Jobs
Software Testing Jobs
Html Jobs
IT Jobs
Logistics Jobs
Customer Service Jobs
Airport Jobs
Banking Jobs
Driver Jobs
Part Time Jobs
Civil Engineering Jobs
Accountant Jobs
Safety Officer Jobs
Nursing Jobs
Civil Engineering Jobs
Hospitality Jobs
Part Time Jobs
Security Jobs
Finance Jobs
Marketing Jobs
Shipping Jobs
Real Estate Jobs
Telecom Jobs

Principal Security Engineer - Compliance

3.00 to 5.00 Years   Bangalore   25 Aug, 2020
Verizon Communications
Job LocationBangalore
EducationNot Mentioned
SalaryNot Disclosed
IndustryTelecom / ISP
Functional AreaGeneral / Other Software
EmploymentTypeFull-time

Job Description

As a Principal complianceengineer, you will be responsible for improving and maintaining our security controls and policies as well as designing new controls where we require them. We are looking for an individual who is passionate about Information Security, has led Securitycomplianceand certification efforts in SaaS companies, and has proven experience working effectively across various departments within a fast-paced company. You will be self-motivated, articulate, and organized in leading internal audits, identifying gaps, and effectively putting in place remediation measures to address the gaps. You will report to the Deputy CISO and will work closely with Program Management,Engineering, Operations, and the Security team to drivecomplianceefforts.Responsibilities:

  • Own the maintenance of security controls for differentcompliancestandards such asSOC 2 and ISO 27001.
  • Periodically review the controls to account for the change in process, technologies used, services/products offered, and the deployment environment.
  • Work with Program Management,Engineering, Operations, and Security team and the impacted departments to modify existing controls or define new ones and operationalize them.
  • Developacompliancestrategy in alignment with business requirements, objectives, and metrics.
  • Perform internal audits monthly or quarterly depending on the priority of the control group, assess gaps, and work with external consultants and stakeholders to address them.
  • Raisecompliancetickets for various departments such as Operations, Support, and IT to generate and review access lists for key systems.
  • Ensure that the security controls are operating effectively in the organization always.
  • Own the audit calendar,prepare evidence for controls as per periodicity (such as quarterly or annually), and schedule external audits working with auditors and program management.
  • Maintaincompliancedocuments such as the controls, evidences collected, and the audit reports in an organized fashion.
  • Be the point of contact for the organization to answer questions oncomplianceas well as to share audit reports with customers and prospects under NDA.
  • Perform vendor risk assessment annually for existing vendors, identify gaps if any, and work with the stakeholders and the vendor on next steps. Perform risk assessments for new vendors during evaluation/onboarding.
  • Respond to RFPs from Sales and Assessment questionnaire from Support/Customer Success teams.
  • Assist with roll-out/tracking of security awareness training within the company.
  • Lead privacy initiatives.
  • Help build a culture of security within the company.
What were looking for.
  • Bachelors degree, with relevant on-the-job technical experience.
  • Minimum 5 years ofcomplianceexperience with SOC 2 or ISO 27001/27018. Experience with HIPAA, FedRAMP, PCI, or GDPR is a plus.
  • 4+ years experience in a security function at a cloud service or software company.
  • Prior experience helping an organization achieve and maintaincompliancecertifications such as SOC 2 or ISO 27001 is a must. The use of tools to help withcomplianceefforts will be a plus.
  • Good communication skills with the ability to work with a disparate set of stakeholders HR,Engineering, Operations, Support, etc. inside a company, and auditors, customers, vendors, partners outside the company.
  • Good understanding of Information Security principles, the relating ofcompliancecontrols to those principles, and articulating the relevance of controls to stakeholders.
  • Ability to maintain a flexible work schedule to enable interactions across multiple time zones with remote teams is a plus
,

Keyskills :
firewallpenetration testingcustomer relationsnetworkingidsprincipal security engineer

APPLY NOW

Principal Security Engineer - Compliance Related Jobs

© 2019 Hireejobs All Rights Reserved