Manager, Security and Compliance
The Judge Group Inc.

Los Angeles, California


Location: REMOTE
Description:
Company: Top technology corp

Position: Compliance Lead/Manager

Location: 100% Remote

Note from the Manager:

I am looking for candidates that have hands-on, end to end PCI/SOC2 leading experience. Experience with customer engagements, or RFPs or Security questionnaires is a value add. Any technical experience working with the tools in the security ecosystem is a value add. Past experience with larger organizations and banks leading PCI/SOC2 experience is nice to have.

Job Description

Position: Manager, Security and Compliance

Oversee Security and Compliance for the business unit, for a SaaS Online Booking Tool (OBT) for business travel. Develop a multiyear roadmap and manage execution against it.

Hands-on keyboard manager with experience wearing a lot of hats.

Experience leading security for a business unit or division as part of a larger enterprise is a plus.

Experience with an understanding of business risk appetite and tolerance.

Experience engaging stakeholders to gain support for initiatives.

Travel industry experience is a plus.

SaaS experience is a plus.

Experience managing and working with teammates across multiple time zones and continents is a plus.

Develop and maintain strategy for SOC 2 Type 2 and PCI-DSS attestations. Work with audit support contractors to plan and execute audits.

Experience with PCI-DSS as a Service Provider.

Experience with PCI-DSS 4 is a plus.

Experience with SOC 2 Type 2 audits.

Work with the Chief Privacy Officer to maintain the business's data privacy program.

Experience with GDPR, CCPA/CPRA is a plus.

Experience leading privacy for a multinational SaaS product is a plus.

Lead product security efforts. Develop product security / SDLC strategy that includes SAST, DAST, and OSS scanning.

Experience with SAST, DAST, and OSS scanning.

Experience with Fortify On-Demand and Nexus IQ is a plus.

Experience with SDLC for security and integration with CI/CD pipelines is a plus.

Experience with container security management is a plus.

Lead vulnerability management program.

Experience with industry-standard vulnerability tools.

Experience in evaluating vulnerabilities in a Linux environment.

Experience developing metrics and tracking remediation.

Experience with Qualys suite is a plus.

Lead Incident Response process in collaboration with the NOC team.

Experience with structuring the Incident Response process.

Experience with Splunk is a plus.

Experience with Crowdstrike is a plus.

Lead Third-Party Risk Management program.

Experience with vendor assessments for SOC 2 and PCI.

Experience with GDPR sub-processor and controller transfer requirements.

Lead with RFP responses and customer engagement.

Experience with contract review.

Experience engaging customer security teams.

Experience with Responsive is a plus.

Experience creating customer white papers is a plus.

Contact: ckelly@judge.com

This job and many more are available through The Judge Group. Find us on the web at www.judge.com


