Information Security Audit Manager
- Recruiter: Cervin
- Location: London
- Salary: Competitive
- Posted: 05 Sep 2024
- Closes: 03 Oct 2024
- Job Type: Information Security
- Employer Sector: Banking & Finance
- Contract Type: Permanent
- Hours: Full Time

The Role:

You are a well-rounded IT Security professional with a strong working knowledge of Security and Compliance frameworks. You are comfortable managing and developing audited control objectives. You will be the point person for all Security and Compliance audits and will respond directly to Customers as needed. You will be responsible for understanding and supporting the design of SnapLogic's procedural and technological Security controls within the context of the Security Compliance frameworks with respect to the SnapLogic platform and Business Operations.

You enjoy being a part of a team culture that empowers you to take ownership of your features and components. We are looking for exceptional, self-motivated individuals who are eager to learn new and emerging technologies, share their learning, and exploit new Cloud offerings to the maximum benefit of our business and our customers.

This role is a dedicated IT Security member for SnapLogic and will report to the Head of SnapLogic IT & Security. This role will be part of the SnapLogic Security Team and will work closely with all business units that are involved in our Security audits, including Infrastructure Operations, IT, Engineering, HR, Legal, and Sales. You will be directly influencing our Security, Compliance and Privacy strategies.

What You'll Do:
- Oversee Security compliance audits and work with cross-functional teams to collect evidence.
- Manage and develop audited internal controls in support of audited policies and procedures.
- Perform and document testing of those controls as well as championing recommendations for remediation.
- Define and track Security & Compliance audit lifecycle metrics.
- Assist with daily ISEC tasks, which will include Security RFIs, Vendor Management, Privacy DSR fulfillment, and support for the SDLC program.
- Partner with key department stakeholders to align and collaborate on Security initiatives.
- 1 – 3 years of experience managing Information Security and Compliance audits: SOC 2, ISO 27001, PCI, etc.
- 3 – 5 years of experience working in Information Security and Compliance.
- 3 – 5 years of experience working in Information Technology or Development Operations.
- Degree in Computer Science, Information Technology, or Information Security, Security+, or higher-level certification such as CISSP, CASP+, GCED, GCIH, GCFA, CISA, CEH, etc.
- Advanced expertise with two or more of the following frameworks: SOC 2, OWASP, NIST, HIPAA, ISO 27001, PCI-DSS, FedRAMP, and Data Protection regulations.
- Advanced ability to Project Manage initiatives with minimal supervision.
- Ability to work closely with cross-functional stakeholders in a dynamic environment.
- Ability to communicate effectively to technical and non-technical teams externally and internally.
- Penetration Testing and Vulnerability scan analysis and remediation experience.
- Advanced knowledge of Identity Management and SSO integrations.
- Advanced knowledge of Cloud Security concepts.
- Advanced understanding of Network concepts and basic knowledge of standard Linux fundamentals.