8+ years in an Information Security role with progressive experience in the sections mentioned under Essential and Other capability requirement
If you are someone with a security background with exposure to security assurance, industry controls frameworks and their applicability to enterprise assets, we would like to speak to you.
Essential capabilities (core)
- Experience in IT Security, Risk and/or Compliance
- Good understanding of frameworks and industry standards such as NIST CSF, CSA, SOC2, ISO, PCI DSS, MITRE, etc.
- Experience in assessing and/or designing security controls (Cloud and/or On-Premises), and possess ability to dive into technical details of control implementations
- Good understanding of broad cloud service offerings. (e.g., Azure, AWS, and Google cloud products/services), and possess technical competency to drive the compliance to cloud security controls
- Experience in audits and/or security assessments in one or more areas of security disciplines such as information, network, application, physical, privacy, etc.
- Understanding of the system hardening processes, tools, guidelines, and benchmarks.
- Understanding of current and emerging technologies and should be able to apply them to technology assets to drive security outcomes
- Experience in enforcing Policies and Standards
- Exposure to enterprise level architectural landscape
Other capabilities (technical)
- Work in a scaled agile structure with a persistent team of project managers and architects.
- Strong business engagement, influencing skills and expectation management with the ability to navigate complex topics with fact-based analysis.
- Understand the trade-offs involved in technology change while simultaneously delivering business benefit. Requires commercial acumen, business alignment and ability to negotiate.
- Broad IT background (deep Security knowledge)
