"Alerted.org

Job Description

The Enterprise Security Compliance Lead is an integral part of the Global Security and Risk Management team. This role will be responsible for participating in the overall process related to client security audits, vendor security audits, and other security compliance activities (e.g., ISO 27001, penetration tests, other client responses, etc.), while completing assigned client security reviews from intake through closure by identifying all necessary internal stakeholders based on the request (e.g., security survey, audit, review, etc.), assembling relevant and appropriate documentation, and completing the appropriate forms and questionnaires required by clients.

Assisting with the vendor security audit process for assigned vendors, including collecting and reviewing submitted materials, following up on outstanding items, and drafting summary reports

Maintaining relationships with third-party audit services that audit firm vendors, audit the firm on behalf of clients, or otherwise evaluate the firm (e.g., ISO 27001 assessors, etc.)

Acting as a project manager to ensure the success of ISO 27001, client and vendor audits, and other assessments by identifying internal stakeholders, scheduling and motivating team members to meet deadlines, assembling relevant documentation, completing necessary responses, and tracking follow-up actions

Arranging penetration and vulnerability tests, scheduling these tests, following up on results, delivering the results of internal and external system vulnerability scans, and coordinating necessary internal follow-up to facilitate agreement and remediation of issues.

Targeting $150-170K a week

Onsite 3 days a week.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

A bachelor's degree or equivalent; a minimum of five (5) years of Security and Technology experience may be considered in lieu of a degree

Recognized security certifications preferred (e.g., CISM, CISA, CRISC, CDPSE, CISSP)

A minimum of five (5) years of experience in IT audit or IT risk management and minimum of three (3) years of experience in performing security assessments, IT vendor risk assessments, and vulnerability management reviews