Senior Information Security Compliance Specialist
Buenos Aires, Argentina
Applications have closed
AppDirect
AppDirect powers millions of cloud subscriptions worldwide with marketplace, billing, reseller, and distribution solutions.
About the Team
AppDirect is the leading cloud service marketplace company dedicated to revolutionizing the way businesses run. We offer a cloud service marketplace and management platform that enables companies to distribute digital services. The global network of AppDirect-powered marketplaces allows businesses to find, buy, and manage the best applications the cloud has to offer.
With our award-winning platform, service providers can launch a state-of-the-art online application store within a matter of weeks, while developers can integrate once and make their software available across multiple marketplaces worldwide. Our products offer more advanced features and tools than any other competitive solution, putting AppDirect at the forefront of the rapidly evolving market for cloud services delivery.
About You
We’re looking for talented yet humble individuals who are smart, passionate, and want to drive disruption in the information security industry. If you thrive in a fast-paced, collaborative workplace, AppDirect provides an environment where you will be challenged and inspired every day. If you relish the freedom to bring creative, thoughtful solutions to the table that reflect your experience and personality, there's no limit to what you can accomplish here.
You will be a member of the Compliance team (part of the Infosec team) as a compliance analyst. You will join the team mainly responsible for continuous compliance monitoring, risk management, vendor management, and maintaining our ISO 27001, PCI-DSS and SOC2/SOC1 certifications.
You have both soft skills and technical potential and you think that the security team must be an ally and a facilitator for the company and all its members.
What you'll do and how you'll make an impact
- Provide overall oversight for continued compliance and ongoing certifications (e.g. SOC 1 and 2, PCI DSS, ISO 27001, NIST CSF, GDPR, etc.).
- Collaborate with internal staff to ensure that appropriate controls are implemented and operating properly, in accordance with the corporate policies.
- Conduct audit readiness assessments and coordinate with internal and external functions and audit resources.
- Manage the new GRC tool implemented by the compliance team (evidence collection and risk management).
- Improve and maintain the Privacy practice at AppDirect.
- Develop and implement, in collaboration with Engineering and architects, mechanisms to automate the generation of evidence.
- Assess and improve the maturity of the risk governance process and oversee and lead risk assessments.
- Oversee customer questionnaires by liaising with internal staff and delivering expected results.
- Develop and maintain organization information security policies based on applicable standards, information security requirements, business requirements and legal requirements.
- Improve and operationalize the Vendor management process at AppDirect.
- Facilitate discussions and reach decisions that can have a good balance between security and usability.
What we’re looking for
- A degree or comparable experience (~5+ years) in Information Security or a related field.
- Prior experience in IT compliance and Audit support (SOC2, ISO 27001 and PCI-DSS).
- Prior experience with risk management and GRC Tools.
- Good experience with Privacy frameworks and what needs to be implemented to meet customer/internal needs.
- Successful in cross-functional team collaboration to drive early security adoption.
- Good understanding of networking, cloud computing, and operating systems concepts.
- Well organized and able to work with clear deadlines.
- Experience with cloud adoption strategies, including design and implementation of security controls and compliance monitoring.
- Experience with project management (planning, organizing, and managing resources to successfully achieve audits).
- Strong verbal, written and presentation skills with the ability to find innovative solutions to complex problems (compliance vs risk vs security vs usability).
- Be able to think Business first!
Nice to have:
- Any Information Security Certification (CISA, CDPSE, ISO implementer, Security+, CISSP).
- Demonstrated technical experience in development, networking, IT support, system administration, etc.
At AppDirect, we believe that innovation thrives in an environment that houses diversity of excellence, experience and thought. We respect each AppDirector as their own fingerprint; unique with no one alike. We foster an environment of inclusion without regard to race, religion, age, sexual orientation, or gender identity enabling AppDirectors to embrace their uniqueness to do their best work. As such, we strongly encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities, and/or people with intersectional identities.
Tags: Audits CISA CISSP Cloud Compliance GDPR Governance ISO 27001 Monitoring NIST PCI DSS Privacy Risk assessment Risk management SOC SOC 1 SOC 2 Vendor management