Compliance Security Engineer
New York City - NY, US Remote
Applications have closed
Hyperscience
Hyperscience helps you automate your document processes and turn unstructured content into structured actionable data. Find out more!Ranked on the Inc. Fastest-Growing Company List, Hyperscience has raised $190M from investors including Tiger Global, BOND, Bessemer Venture Partners, Stripes, and FirstMark. The company has consistently been recognized as one of the best places to work with a collaborative and innovative culture and best-in-class benefits.
The company has a global footprint with offices in New York City, Sofia, Bulgaria, Toronto, Canada, and London, UK.
We are seeking an experienced Compliance Security Engineer to support the Security team in all aspects of our IT security and compliance process. This individual will be engaging various process owners in the design, evaluation, documentation and monitoring of the appropriate manual and automated IT controls in our computing environments, as well as interacting with external auditors. The Security Compliance Engineer plays a key role in ensuring that the company meets the requirements from a variety of regulation and compliance standards. (I.e. SOC2, ISO 27001, HIPAA, etc).
It is essential that the Compliance Security Engineer have experiences in IT compliance and operational audits, as well as prior hands-on IT experiences.
Responsibilities:
- Perform risk assessments to determine if the company’s information assets are protected from internal and external threats and are aligned with regulatory requirements.
- Conduct internal security audits and provide technical and business recommendations to process owners to remediate all findings and suggest improvement.
- Partner with various teams on automating manual security controls to achieve continuous complianceDrive continual processes improvement to ensure that the company maintains its security posture that meets audit requirements.
- Coordinate audit activities with process and control owners and external auditorsManage 3rd party vendor security assessments in collaboration with Legal and Security teams.
- Perform other IT security and assurances related tasks as assigned by management.
Qualifications:
- Minimum of 5 years working full-time in information security assurance for a technology company or as an IT auditor with "Big Four".
- Experiences conducting IT audits with various process owners based on various frameworks such as SOC Trust Service Criteria, ISO 27001 and 27002
- A breadth of experience in performing IT controls testing and developing recommendations based on confirmed observations.
- Knowledgeable in both qualitative and quantitative risk assessment methodologies
- Hands-on experiences in cloud technologies and security (AWS, Okta, etc.)
- In-depth knowledge in IT security frameworks and best practices, such as NIST-800 publications, CoBIT, CCM and Trust Principles and Criteria.
- Strong cross-functional team program management abilities, including managing multiple assessments concurrently with different stakeholders and timelines
- Strong analytical and problem solving skills and the ability to “think-out-of-the-box”.Certifications (CISA, CISSP, SANS GIAC, etc.)
We are an equal opportunity employer. We welcome people of different backgrounds, experiences, abilities and perspectives. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Tags: Audits Automation AWS CISA CISSP Cloud COBIT Compliance GIAC HIPAA ISO 27001 Monitoring NIST Risk assessment SANS Security assessment SOC 2
Perks/benefits: 401(k) matching Conferences Equity Parental leave Relocation support Travel Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs