Overview
Security Risk & Compliance Manager Jobs in Norcross, Georgia, USA at ZipRecruiter
Title: Security Risk & Compliance Manager
Company: ZipRecruiter
Location: Norcross, Georgia, USA
Type: Full Time
Category: Security, IT/Tech
Job Description
Position Description
We are seeking an experienced Security Risk & Compliance Manager to join our Enterprise Information Security team and report to the Director of Information Security. In this role, the Security Risk and Compliance Manager will be responsible for developing, implementing, and overseeing the risk management and compliance program against standards, policies, and compliance requirements to reduce the risk of cyber security threats and ensure compliance with SOC 2 and regulatory compliance.
The candidate will work closely with IT and other teams to continually identify risk exposure and implement security controls in support of compliance, possess a strong understanding of security best practices, project management skillsets, a high level of accountability and responsibility, and the proven ability to execute and deliver.
Responsibilities
Manage and develop risk management and compliance programs to track and monitor risk to resolution.
Interact and collaborate across the company to assure security controls align with SOC 2 requirements and regulatory compliance.
Regularly monitor, track, and audit SOC 2 controls and other security risks to ensure compliance with requirements such as FTC Safeguards Rule, CCPA, and NYCRR.
Facilitate and ensure compliance with SOC 2 certification and regulatory compliance.
Collaborate with IT and other teams to develop and implement secure processes.
Develop and facilitate security awareness training.
Develop security policy, standard, and process documents.
Conduct security risk assessments.
Conduct regular security audits.
Develop and maintain assessment questionnaires.
Stay abreast of relevant security and privacy regulations, laws, technologies, and threats.
Qualifications/Desired Skills & Abilities
Must have 10+ years of IT Security experience or related field.
Must have 8+ years of risk and regulatory compliance experience.
Must have 5+ years of leading successful SOC 2 or equivalent certification.
Must demonstrate in-depth knowledge of current security best practices for application and network security.
Must be meticulous and detail-oriented with projects and outputs, including development of reports and management of work.
Additional experience with implementing security frameworks such as NIST or ISO 27001.
Understanding of network and application security best practices.
Familiar with security technologies such as SIEM, WAF, and vulnerability scanning.
Manage risk and compliance projects/tasks issues to solution.
Outstanding project management and organizational skills to manage multiple security projects.
Must be self-motivated, analytical, and possess a problem-solving outlook.
Superior attention to detail and conscientious quality of work product.
Professional demeanor with superior oral and written communication skills.
Education and Experience
Bachelor’s Degree in Information Security, or similar discipline.
CISSP or CRISC certification or similar qualifications.
Experienced with SOC 2 audits and FTC Safeguards Rule, CCPA, and NYCRR requirements.
Physical Demands
While performing the duties of this job, the employee is regularly required to type and look at a computer screen for long periods of the day. The employee must be able to sit for long periods of time.
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed ab…