Cyber Risk & Compliance, Manager
Atlanta, GA - 6305 Peachtree Dunwoody Rd Bldg A
Full Time Mid-level / Intermediate USD 106K - 177K
Cox Enterprises
Empower to build. The story of Cox Enterprises is one of hard work, respect for employees, entrepreneurship and making bold decisions.Company
Cox Communications, Inc.Job Family Group
Information TechnologyJob Profile
Cyber Risk & Compliance ManagerManagement Level
Manager - Non People LeaderFlexible Work Option
Hybrid - Ability to work remotely part of the weekTravel %
NoWork Shift
DayCompensation
Compensation includes a base salary of $106,700.00 - $177,900.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.Job Description
At Cox, we take security seriously. After all, we’re in the business of connecting businesses to products, services, and technologies they need to operate each day, so we only enlist the best in the business. We are searching for a Cyber Risk & Compliance Manager to join the Third-Party Security team to assess the security posture of our third-party providers to ensure they are adequately protecting us and our customers from cyber risks.
It’s a job that requires some serious leadership skills and strong capabilities in technology and security. If you’re looking for this kind of challenge, keep reading. We’ll tell you more about what you’ll do, and what experience you’ll need to have, as well as what you can expect from us.
What You’ll Do
In a nutshell, you’ll be ensuring sure that our vendors and partners adhere to cybersecurity best practices to mitigate risk and protect our company’s information. You’ll also work with business leaders to ensure that risks are reviewed, and solutions are implemented.
Here’s a closer look at your responsibilities:
Conduct cybersecurity risk assessments of third-party services and partner organizations to determine the effectiveness of their cybersecurity controls.
Review evidence provided by third-party suppliers to determine the maturity and effectiveness of their controls (e.g. audit reports, PEN test results, policies, standards, procedures, etc.).
Interview key third-party supplier personnel, either in-person or virtually.
Identify strengths and weaknesses within vendors’ cybersecurity programs, documenting results and presenting information to key stakeholders.
Negotiate cybersecurity contractual obligations with vendors to ensure applicable security considerations are included within vendor agreements.
Excellent soft skills such as: interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout organization.
Strong collaboration skills to effectively drive understanding among cross-functional teams.
What’s In It For You?
Here’s a sneak peek of the benefits you could experience as a Cox employee:
A competitive salary and top-notch bonus/incentive plans.
Professional development and continuing education opportunities.
The chance to work with fascinating, cutting-edge platforms.
Exceptional work-life balance, flexible time-off policies and accommodating work schedules.
Comprehensive healthcare, with multiple options for individuals and families.
Generous 401(k) retirement plans with up to 8% company match.
Inclusive parental leave policies, plus comprehensive fertility coverage and adoption assistance.
Who You Are
Minimum Requirements:
As you can imagine, this is one of those jobs that requires some special skills. Below you will find our minimum and preferred requirements for this role.
BA/BS degree in related discipline (i.e. Cybersecurity, Information Technology, Cybersecurity, Computer Science, or Information Systems.) with 6 years of experience in a related field; OR 10 years of equivalent experience in lieu of a degree.
Experience assessing or aligning with common industry security frameworks (i.e., ISO 27000, NIST 800-53, NIST Cybersecurity Framework, SSAE 16 SOC1/SOC2/SOC3, and PCI Data Security Standard.)
Experience with multiple security domains relative to Data Protection, IT Risk, Network Security, Application Security, Security Operations, and Identity and Access Management.
Ability to develop and implement, security processes, procedures, and controls
Ability to communicate complex cyber risk issues to technical and non-technical audiences.
Excellent soft skills such as: interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout organization.
Ability to collaborate to effectively drive understanding among cross-functional teams.
Ability to reach decisions under conditions of uncertainty and against competing priorities.
Preferred
MS degree + 4 years of experience preferred in a related discipline (i.e. Cybersecurity, Information Technology, Cybersecurity, Computer Science, or Information Systems.); OR Ph.D + 1 years of experience in a related discipline.
Experience working at telecommunications, internet service providers, or one of the Big Four audit/consulting firms is desired.
Certified in at least one of the following: CISSP, CISM, CISA, CRISC, or similar.
Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship
Benefits
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.About Us
Cox Communications is all about creating moments of real human connection; and for employees, that’s true both in the workplace and in the problems we solve for customers. From building advertising solutions to unleashing IoT technologies to creating an exceptional experience for customers in our retail locations and online, we’re creating a world that is smarter and more connected. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.Tags: Application security CISA CISM CISSP Compliance Computer Science CRISC IAM IoT ISO 27000 Network security NIST NIST 800-53 Risk assessment SOC 1 SOC 2 SOC 3
Perks/benefits: 401(k) matching Career development Competitive pay Fertility benefits Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs