Information Security Compliance Manager
Palo Alto
Uniphore
Uniphore, a world leader in Conversational AI, offers distinct solutions in Conversational Automation, Self-service, Interaction Analytics, Agent Security and Co-pilot Solutions, to enrich the Customer Service ExperienceThe Role:You will play a key role in supporting the security compliance and governance function to promote a pragmatic and effective compliance program. This includes creating and developing scalable and repeatable processes to meet PCI-DSS, ISO 27001/27701, SOC 1 and SOC 2+, HIPAA, HiTrust, GDPR , FedRamp and other regulatory requirements.
Key Responsibilities
- Develop information security compliance and audit strategies that support an agile and fast growing company.
- Responsible as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies.
- Facilitate managing the company's existing security certification lifecycle and help acquire new certifications per the company's business and compliance needs.
- Coordinate and reply to internal and external audits related to information security.
- Responsible for managing Internal audit/reviews for ISMS controls and coordinating remediation
- Manage periodic reviews of security policies, processes, and procedures
- Coordinate the information security assessments with 3rd parties (suppliers, customers)
- Recommend, drive, and implement improvements to the Company’s Information Security Risk Management program.
- Develop and maintain risk register contents and underlying workflows to track identified risks, risk owners and action plans for risk remediation.
Qualification and Experience
- Bachelor’s Degree in Computer Science, Computer or Systems Engineering, or equivalent
- Minimum of 5 years of experience in related position
- Information Security Certification (e.g. CISSP, CISM, CRISC, etc)
- Solid knowledge of security on networking, cloud, infrastructure configuration, end-point protection and SDLC
- Demonstrated success implementing and maintaining Information Security control frameworks and standards such as ITIL, ISO27001, NIST CSF / 800-53, PCI DSS, SOC 2, HIPAA and GDPR
- Strong knowledge of audit and risk management methodologies, such as COBIT, NIST 800-37/800-30, FAIR.
- Excellent written and verbal communication skills and ability to interface with all levels of business. Experience working with non-IT business units/departments, helping to implement security strategies and solutions and ability to translate concepts into simple terms.
- Information security consulting experience or substantial cross-functional responsibilities
Uniphore is an equal opportunity employer committed to diversity in the workplace. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, disability, veteran status, and other protected characteristics. For more information on how Uniphore delivers business value using Conversational Service Automation, please visit www.uniphore.com
Tags: Agile Audits Automation CISM CISSP Cloud COBIT Compliance Computer Science CRISC FedRAMP GDPR Governance HIPAA HITRUST ISMS ISO 27001 NIST PCI DSS Risk management SDLC Security assessment SOC 1 SOC 2
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs