Cloud Security Compliance Specialist

Summary Rackspace Elastic Engineering is a new service model designed to help customers build and operate modern cloud environments.  While many traditional managed security services are fixed scope and focused solely on monitoring and infrastructure operations, Rackspace Elastic Engineering for Security is intended to help customers embrace a cloud centric approach to security while delivering ongoing innovation, modernization, and transformation in addition to 24x7x365 security operations. The Security Compliance Specialist acts as the security expert for Rackspace customers within a team of security experts delivering advanced security services to Rackspace customers.  This role is responsible for helping Rackspace customers meet their compliance obligations by helping assess, recommend, design, implement, and manage customer environments according to their requirements.  This will include regularly evaluating and reporting on customer controls configurations within cloud and on-prem environments,  recommending and supporting remediation where required.  It also includes helping customers understand and document controls inherited from Rackspace hosted and cloud provider environments.  Given the flexible nature of role it may also require helping draft customer policies and design operational processes to facilitate compliance requirements as well as helping support customer audits.  The Rackspace Elastic Engineering deliver model provides high customer affinity and allows the Security Compliance Specialist to serve as an extension of the customer’s team while delivering best practice-led compliance engineering and operational services. 

Responsibilities:

• Lead compliance planning and assessments for Rackspace customers including conducting reviews with stakeholders and creating reports and project plans
• Help clients prioritize various compliance related initiatives
• Drive risk-based visibility, reporting, and inform decisions on compliance risk for customer  stakeholders
• Evaluate customer compliance requirements and assist to determine implementation specifications across cloud native, private cloud, and on prem technology
• Utilize third party and cloud native tooling to provide customer reporting on compliance, identifying and prioritizing remediation actions
• Assist customers in supporting audits and other compliance activity, providing reporting and helping identify and document both inherited and compensating controls, coordinating across Rackspace delivery teams, cloud providers, and customer stakeholders as needed
• Maintain program documentation including process documents and standards
• Provide compliance expertise and support training/awareness initiatives across customer and Rackspace delivery teams as required
• Develop IP, tools, processes, procedures, and guidelines to support within Rackspace Elastic Engineering for Security
• Assist in sales pursuits as a subject matter expert

Skills:

• Requires relevant Bachelor’s degree in a related field
• 5+ years of related experience or equivalent
• Worked in or has exposure to large-scale/global organizations
• Deep knowledge and experience of security compliance and risk management
• Experience with conducting compliance and risk assessments
• Experience with designing GRC processes including requirements gathering, process reviews and development, and implementation
• Understanding of technical risk and security areas including threats and vulnerabilities associated with compliance risks
• Agile, proactive, comfortable working with ambiguous specifications and can prioritize quickly and effectively
• Knowledge of, or experience working with, at least one cloud platform including AWS, Azure, or GCP technologies/environments.  VMware NSX experience a plus.
• Experience working with Information Security, GRC, ERM, Technology, Business, and Legal/Privacy functions
• Strong knowledge of security compliance and risk management (PCI, NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRAMP, GDPR, etc.) This includes appropriate regional and national compliance requirements for the job posting location
• Exposure to highly regulated industries
• Ability to articulate risks and communicate effectively to various levels of management
• Excellent presentation and communication skills
• Excellent analytical and process development skills

Preferred Skills:

• Industry certifications in security, technology, and/or business management are a plus (e.g., CRISC, CISSP, CCIE, CISM, CISA, CCSK)
• Experience working in a consulting or professional services capacity
• Experience with Agile methodology

#LI-SM3

About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.  More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.