Key skills
AWSCloudCyber SecurityGoogle Cloud PlatformAIGCPGoogle CloudRisk ManagementCommunication
About this role
Role Overview
- Provide direct support for external and internal audit efforts, specifically focusing on frameworks such as SOC 2 Type 2, ISO 27001, ISO 27017, ISO 27018, and ISO 42001.
- Execute and document procedures for continuous monitoring and evidence gathering.
- Implement automated solutions, including utilizing AI, to effectively reduce manual efforts associated with repetitive evidence collection tasks.
- Review, edit and update internal security policies, standards and procedures to ensure they accurately reflect current operational controls and compliance requirements.
- Assist in the supply chain risk management program by tracking vendor compliance documentation, reviewing vendor security posture, and maintaining the vendor risk register.
- Participate in internal security audits and support the business development team by completing security questionnaires for Requests for Proposal (RFP), ensuring accurate and compliant representation of our controls.
Requirements
- 3-5 years of experience in a security, IT audit, GRC or related technical field.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent professional experience will be considered in lieu of a degree.
- Maintain industry certifications such as CompTIA Security+ and work toward advanced certifications such as (ISC)² CISSP.
- Foundational understanding of diverse regulatory environments and major security frameworks and compliance standards (e.g., ISO, SOC, HIPAA, SOX, NIST, FedRAMP, GovRAMP, DoD IL 5/6 PCI DSS).
- Foundational understanding of enterprise IT and OT/ICS environments, including network protocols, operating systems, cloud platforms and security technologies.
- Foundational understanding of core cloud technologies, particularly security concepts and services within AWS and GCP.
- Strong organizational skills, exceptional attention to detail, and the ability to manage documentation effectively.
- Excellent written communication skills, with experience reviewing and editing formal technical documents and policies.
Tech Stack
- AWS
- Cloud
- Cyber Security
- Google Cloud Platform
Benefits
- comprehensive health benefits
- discretionary time off
- paid holidays including monthly me days
- highly inclusive and diverse workplace