Job Summary
Are you passionate about leading security engineering efforts that drive quality assurance for continuous cloud security
Do you thrive on the challenge of designing, implementing, and enhancing security controls and procedures to improve cloud security compliance and AI governance
If guiding organizations through transformative security improvements excites you, we want to hear from yo
u!
We are looking for a proactive, dynamic, and collaborative team member to drive industry-alignment of our internal security controls, and champion compliance through proactive audits, rigorous quality checks, and actionable solutions that improve the security of our cloud products and infrastructu
re.
Responsibili
ties
Control Develop
- ment:Review and validate internal policies and IT General Controls (ITGCs) against quality criteria to ensure they are complete, accurate, traceable, and aligned with cloud security and AI-specific frameworks (such as ISO 42
- 001).Work with cross-functional stakeholders to develop appropriate security controls and technical solutions to meet cloud security require
ments
Compliance Monit
- oring:Perform ongoing audits on cloud infrastructure and services, including spot checks, and control tests to assess the effectiveness, reliability, and sustainability of information security con
- trols.Identify deviations, gaps, or process defects and ensure that remediation actions are clearly documented, assigned, completed, and vali
- dated.Drive and verify the effectiveness of corrective and preventive actions, ensuring that process improvements are implemented, documented, and sust
- ained.Work with engineering teams and ensure that our cloud infrastructure and IaaS, PaaS, and SaaS services (IATOP, IDP, J2S systems) meet required cloud security sta
- ndardsPartner closely with cross-functional teams to ensure that security and compliance are integrated into the product development lif
- ecycleDevise processes and automation to deliver continuous compliance at cloud scale and support reporting to senior mana
gement
Risk Mana
- gement:Independently review and validate cybersecurity risk assessments and vulnerability analyses to confirm that methodologies, inputs, and conclusions meet defined security sta
- ndards.Assess the quality and completeness of risk identification for cloud-hosted services and IaaS/PaaS/SaaS, and verify that mitigation recommendations are appropriate, actionable, and tracked to
closure
Minimum Qualif
- icationsA bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is r
equired.
Additional Quali
- ficationsExperience with software development p
- rocesses.Hands-on experience with the definition and implementation of department / organizational security
- controls.Experience with performing internal process audits and process improvem
- ent work.Experience with / understanding of SOC 2, ISO42001, COBIT, ITIL, ISO, IT General Controls (ITGC), NIST 800-171, NIST 800-53, ISO 27001/2, NIST SSDF, and/or other industry standard control frameworks to document and assess cloud security compliance and AI go
- vernance.Exceptional communication skills, including clear and concise writing, an engaging presentation style, and group faci
- litation.Strong teamwork skills with a demonstrated ability to collaborate across teams a
nd roles.
