Security Risk and Compliance Management Specialist III
United States - Remote
Full Time Senior-level / Expert USD 89K - 152K
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.Key Responsibilities:
- Assists in annual audits for industry specific reports, including ISO 27001, ISO 9001, ISO 14001, ISO 18001, IRAP-AUS, Cyber Essentials+, NHS-DSO, SOC1, SOC2, SOC3, PCI, HIPAA, HiTrust, CyberGRX.
- Ensure documents, projects, process, and product initiatives comply with regulatory and legal requirements and enterprise policy.
- Provide data and analytics in support of the risk officer and risk committees.
- Develop and recommend compliance solutions impacting the enterprise.
- Develop Risk Assessment process, charters, policies, methodologies, and reports.
- Participate in cross-functional workgroups, communication strategies, and planning meetings to develop solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
- Coordinate and respond to regulatory requirements and requests and ensure the execution of examinations.
- Conduct IT Risk and Information Security due diligence activities relative to vendors and third parties.
- Conduct risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired.
- Ensure risk remediation plans meet key business objectives and partners with the business owners to follows through with corrective action steps.
- Provide guidance on areas of security, privacy and regulatory compliance to Sales, Marketing, Product Development, Legal and Policy teams.
- Conduct analysis of risk rating, risk appetite, and provides data driven summaries to business leaders.
- Update internal control matrices where necessary to support annual changing environments.
- Executes the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
- Execute internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
Qualifications:
- At least five years of related experience
- Bachelor’s degree in Computer Science, Computer Studies, Information Technology, Information Security or a related field.
- Prefer CISSP.
- Advanced knowledge gained through an IT Risk Management, Governance, Risk and Compliance, Information Security, Data Privacy, Vendor Management, and/or Business Continuity Management role in a global organization, professional services/consulting firm, or within a related industry.
- Understanding of Network Security, Data Center operations, build pipeline, and cloud infrastructure security.
- Deep understanding of Cloud Computing technologies and migration challenges.
- Ability to implement security controls, SCTMs. Technology/software sales, consulting, or equivalent skills.
- Ability to apply knowledge of vulnerability management, risk management assessment, and IA policy and procedures to develop, implement, and maintain a secure business environment.
- Discover your inner Racker: Racker Life
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
Tags: Analytics Audits CISSP Cloud Compliance Computer Science Governance HIPAA HITRUST ISO 27001 Network security Privacy Risk assessment Risk management SCTM SOC 1 SOC 2 SOC 3 Vendor management Vulnerability management
Perks/benefits: Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs