Manager, Security Assurance
Bellevue, WA | Austin, TX | Menlo Park, CA | Washington, DC | New York City
Meta's ISSO GRC is the central engine driving risk management and compliance at the company, supporting Meta and the family of apps. We’re seeking deeply experienced integrity and security leadership talent to help enable and safeguard Meta’s products and services, which have a truly global scale. ISSO GRC is simultaneously responsible for (a) enabling the business to achieve its goals at scale and pace, (b) safeguarding the business against real-world security risks, and (c) addressing the regulatory scrutiny the business faces. Our goal is to make Meta the premier place to work for governance, risk, compliance, security, and integrity professionals.
We are seeking an experienced Manager with deep knowledge of risk management, compliance, and Meta Security functions who will help ensure the company meets regulatory risk assessment requirements and obligations. You will build out and provide leadership and direction to the Security Assurance team and oversee the design, implementation, monitoring, and ongoing improvements of Meta’s Security Assurance program. You will have strong executive communication and influencing skills, in order to effectively explain complex compliance issues and updates in a digestible manner to senior leadership and key stakeholders across product, policy, operations, and legal. The ideal candidate has experience working in ambiguous and fast-changing environments, with the ability to pivot quickly and effectively as required, bringing your team along to remain aligned on key priorities, deliverables, and changes to the regulatory landscape affecting Meta.
Candidates should have knowledge/expertise in one or more of the following areas: audit, assurance, data security, policy management, risk management, issue & exception management, and governance & reporting.
Manager, Security Assurance Responsibilities
- Provide vision, oversight, and guidance on all work related to the global Security Assurance team.
- Establish team goals, priorities, and KPIs, as well as operating models and standards, and ensure team members understand program goals and are able to effectively prioritize and execute on deliverables.
- Provide thought leadership and drive structure for the broader ISSO GRC function, as well as for the team.
- Facilitate communication and collaboration with XFN partners, ensuring roles, responsibilities, and deliverables are clear between the Security Assurance team and multiple XFN partners to drive impact and work toward mutual goals.
- Engage with internal audit and internal technical and non-technical teams to develop a working relationship and provide concise and accurate regulatory and audit responses when requested.
- Provide updates to senior management and leadership, facilitating escalations, decision support, and removal of blockers when necessary.
- Share relevant expertise with the Assurance team by providing them with the necessary support and training.
- Evaluate methods to streamline risk assessment approaches and methodologies, improve control testing activities, and enhance control monitoring.
- Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks.
- Support business travel on an as-needed basis (up to 10%).
- Bachelor's Degree in technical or business discipline or related experience.
- 10+ years of experience in information security, cybersecurity, transparency reporting, integrity, and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management).
- 5+ years experience managing a diverse, dispersed team.
- 5+ years of experience in effectively analyzing data and programs for security risk, compliance, and maturity.
- Knowledge of industry risk frameworks and best practices (COSO, ISO, NIST).
- Communication skills, with proven success influencing a variety of audiences including senior leadership across both technical and non-technical teams.
- Advanced degree and/or certification.
- Advanced program management skills including planning, organizing, pre-empting risks/blockers, and communicating with stakeholders to deliver successful programs or projects, while operating with minimal guidance.
- Experience moving seamlessly from strategy to execution and delivering tangible results.
Individual pay is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base salary, Meta offers benefits. Learn more about benefits at Meta.
Tags: Application security C Compliance Governance KPIs Monitoring NIST Physics Risk assessment Risk management Strategy Vulnerability management
Perks/benefits: Career development Equity Health care Salary bonus Team events Transparency