- Help design, develop, and deploy across Safelite SOC1 and SOC2 management programs that focus on the monitoring of controls and ensuring compliance.
- Develop and deploy processes within the Safelite SOC1 and 2 program where they don't exist and where they do ensure they meet the Belron group standard for information security risk management and control.
- Enhance existing Information Security risk processes (where they exist) to extend coverage and give better definition of SOC1 and SOC2 assurance for Safelite.
- Where such processes don't exist, establish them working with each function to ensure effectivity and consistency with the Safelite Risk management policy.
- SOC 1 and SOC 2 governance involve external risk reporting to stakeholders.
- Conducting audits of policy and compliance to SOC1 and 2, including liaison with internal and external auditors where needed.
- Bachelor's degree in computer science or equivalent work experience.
- Formal Risk Management qualification or equivalent (e.g Certified ISMS Risk Management (CIS RM), CISM or equivalent).
- One or more of the following qualifications are highly desirable:
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP) - Minimum 8+ years' experience in information security governance and assurance - focusing on risk management.
- Minimum 8+ years' experience in generating, deploying, and managing risk management control programs within large, diverse corporate businesses.
- A minimum of 7 + years of experience within an information discipline with a formal information security qualification.
- Minimum 3-6 years' experience in managing third party companies risk assessment and evaluations.
- Experience of SOC 1 and 2 type 2.
- CPPA enforcement and data process mapping experience within a large complex corporate organization.
- Experience in supporting an Information Security compliance regime such as PCI DSS.
- Ability to maintain composure and continue to function effectively under pressure.
- Excellent presentation, communication and interpersonal skills required.
- Comfortable interacting effectively at all levels of the Belron and group companies.
- In-depth knowledge of information security risk management and its effective application within group and subsidiary companies.
- A good understanding of legislation and regulations that impact information security (CPPA, GDPR).
- Self- starter with the ability to work independently.
- Excellent verbal communication and interpersonal skills.
- Excellent writing and documentation skills.
- Good analytical skills with the ability to tailor an approach based on data and information received.
- Ability to think and plan strategically balanced against the need to deliver.
- Actively drives the sharing of best practice for Security Risk Management.
- Ability to travel may be required within USA, and occasionally to Europe in order to effectively support the North American CISO, but this is not envisaged to be regular
- Competitive weekly pay and bonus opportunities.
- A benefits package valued at more than $10k*. This includes a 401(k) plan with company matching, medical coverage plans customized to suit your needs and a commitment to work/life balance through our paid time off (PTO) programs, company holidays and paid volunteer days.
- Up to $5,250 annually in tuition reimbursement.
- View all our health, wealth, and life offerings at
-
Lead Cyber Security SOC
5 days ago
Jobs for Humanity Columbus, United StatesCompany Description · Jobs for Humanity is collaborating with Safelite to build an inclusive and just employment ecosystem. We support individuals coming from all walks of life. · Company Name: Safelite · Job Description · Does this position interest you? You should apply - e ...
-
Lead Cyber Security SOC
4 days ago
Safelite Group, Inc. Columbus, United StatesDoes this position interest you? · You should apply - even if you don't match every single requirement We're known as an auto glass company. That's the focus of what we do. But beyond the glass, we're so much more. We'll help you build a fulfilling career and encourage you to ha ...
-
Azure SIEM Consultant
1 week ago
iO Associates - US Ohio, United StatesOur client is looking for a Senior SIEM Consultant to support an upcoming project. This is a contract to hire opportunity. · *US Citizens or Green Card only* · Responsibilities: · Act as the primary technical contact for customers, guiding them through SIEM/XDR projects. · Provi ...
-
Azure SIEM Consultant
4 days ago
iO Associates - US Columbus, United StatesOur client is looking for a Senior SIEM Consultant to support an upcoming project. This is a contract to hire opportunity. · *US Citizens or Green Card only* · Responsibilities: · Act as the primary technical contact for customers, guiding them through SIEM/XDR projects. · Provi ...
-
Hybrid ServiceNow Systems Administrator
2 weeks ago
SOC LLC Columbus, United StatesHybrid Systems Analyst III - Columbus, OH · SOC is seeking a Systems Analyst to support management, optimization, and integration of the ServiceNow platform. Ideal candidates will have experience administering ServiceNow IT Operations Management and IT Service Management. The Ser ...
-
IT Security Specialist I-V
6 days ago
Medical Mutual Columbus, United StatesJob Description - IT Security Analyst II - IV · IT Security Analyst II - IV · - · ( · ) · Founded in 1934, Medical Mutual is the oldest and one of the largest health insurance companies based in Ohio. We provide peace of mind to more than 1.6 million Ohioans through our high- ...
-
Hybrid ServiceNow Systems Administrator
2 weeks ago
SOC Columbus, United StatesHybrid Systems Analyst III - Columbus, OH · Find out exactly what skills, experience, and qualifications you will need to succeed in this role before applying below. · SOC is seeking a Systems Analyst to support management, optimization, and integration of the ServiceNow platfo ...
-
SOC Columbus, United StatesNetwork Systems Analyst III needed for a Contract-to-Hire opportunity with SOC's client to work in Columbus, OH. Job Summary With general direction, analyses of LAN/WAN systems, including planning, designing, evaluation, and selection of operating systems / protocol suites. Resol ...
-
Network Systems Analyst III- Columbus, OH
5 days ago
Day & Zimmermann Group Columbus, United StatesNetwork Systems Analyst III needed for a Contract-to-Hire opportunity with SOC's client to work in Columbus, OH. · Job Summary · With general direction, analyses of LAN/WAN systems, including planning, designing, evaluation, and selection of operating systems / protocol suites. ...
-
Materials Handler II
1 week ago
Day & Zimmermann Group Columbus, United StatesMaterials Handler II needed for a contract opportunity with SOC's client to work in Columbus, OH. Description: Intermediate level position assigned to perform activities related to material receiving, kitting, warehousing and shipping. Responsible for a safe, efficient and organi ...
-
Security Dispatcher
5 days ago
Columbus Metropolitan Library Columbus, United StatesSCHEDULE: Tuesday - Saturday 1:00pm - 9:30pm · PURPOSE OF JOB · Staffs the Security Operations Center (SOC), coordinating communications and responses to security incidents and requests for equipment and services. Monitors CCTV footage and shares information to ensure an orderl ...
-
IT Audit Staff 2024
2 days ago
GBQ Holdings LLC Columbus, United StatesJob Description · Job DescriptionPosition Title: Staff (IT Audit) · Exempt __X__ Non-exempt _____ · Work Area/Department: Assurance · Position Statement: · At GBQ, we empower growth; growth of our people, our communities and our clients' businesses. The IT Assurance team is a str ...
-
Senior Technical Compliance Analyst
1 week ago
Navient Columbus, United StatesEarnest's mission is to make higher education accessible and affordable for everyone. · We empower past, present, and soon-to-be students to maximize their financial futures through thoughtful guidance and impactful products. · We build tools that help people feel in control of ...
-
Senior Product Manager: Certifications
1 week ago
Trellix Columbus, United StatesTrellix · Senior Product Manager: Certifications · in · Oklahoma City , · Oklahoma · Job Title: · Senior Product Manager: Certifications · Role Overview: · This position is a high-visibility role to help Trellix achieve its goal of being #1 in XDR by driving its certificatio ...
-
Internal EDP Auditor 2
1 week ago
Ohio Department of Commerce Columbus, United StatesA Little About Us · With roughly 1,600 employees in 11 offices across Ohio, BWC is the state agency that cares for Ohio workers by promoting a culture of safety at work and at home and ensuring quality medical and pharmacy care is provided to injured workers. · For Ohio employer ...
-
Internal EDP Auditor 2
1 week ago
State of Ohio Columbus, United StatesA Little About Us · With roughly 1,600 employees in 11 offices across Ohio, BWC is the state agency that cares for Ohio workers by promoting a culture of safety at work and at home and ensuring quality medical and pharmacy care is provided to injured workers. · For Ohio employe ...
-
IT Governance, Risk,
1 week ago
iboss Ohio, United StatesDescription · Company Overview iboss is a cloud security company that enables the modern workforce to connect securely and directly to all applications from wherever they work. Built on a containerized cloud architecture, iboss delivers security capabilities such as SWG, malware ...
-
Cloud Operations Manager
4 days ago
BD Columbus, United StatesJob Description Summary · Job Description · We are · the makers of possible · BD is one of the largest global medical technology companies in the world. Advancing the world of health is our Purpose, and it's no small feat. It takes the imagination and passion of all of us—from ...
-
Senior Sales Engineer
1 week ago
Proofpoint Ohio, United States Full timeIt's fun to work in a company where people truly BELIEVE in what they're doing · We're committed to bringing passion and customer focus to the business. · Corporate Overview · Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest ri ...
-
Senior Cybersecurity Specialist
1 week ago
Liberty Mutual Insurance Columbus, United States OTHERPay PhilosophyThe typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these posi ...
Lead Cyber Security SOC - Columbus, United States - Safelite Group, Inc.
Description
Does this position interest you? You should apply - even if you don't match every single requirement We're known as an auto glass company. That's the focus of what we do. But beyond the glass, we're so much more. We'll help you build a fulfilling career and encourage you to have a life. Let us be the best place you'll ever work.This role resides in the Cyber Risk & Compliance area which is responsible for defining, implementing, and leading the Cyber Risk & Compliance function in the Safelite Organization. It creates Soc1 and SOC2 risk management oversight; establishing and managing the controls framework and relevant standards; overseeing applicable security, privacy, contractual and compliance requirements through strategy development and deployment, controls definition and assessment (internal & external) together with process oversight, through three areas under its remit, Risk Management, Privacy and Technical Compliance with a small team of specialists in each area.
This is a role carries out the Safelite SOC1 and SOC2 compliance management function within the Belron Trust group under the North American CISO, reporting to the Head of Cyber Risk & Compliance. It assists in the delivery of the security risk management for Safelite, with a focus on generating and monitoring the SOC 1 and 2 program, engaging with key stakeholders. It will ensure that all functions have clear business owners for the points of focus, control objectives and any risks are reviewed and updated regularly. It will assist Safelite working towards a SOC 2 type 2 attestation.
It requires an ability to balance a hands-on approach to security compliance and risk management where necessary, with an ability to self-direct, prioritize and manage work in plus the improving the quality of service provided to Safelite regardless of delivery method (internal or 3rd party) with respect to information security and risk.
Information Security, financial processes, and services within Safelite are maturing and a key part of this role will be to work with the Head of Cyber Risk & Compliance together along with the CISO for North America to help define, regulate, and improve these as part of the virtual security team.
This role forms part of the wider strategic Trust program being developed focusing on the reduction of information risk to Safelite. It requires knowledge of information security activities across technology, process, and governance as well as in depth risk management.
What You'll Do
Diversity: Safelite welcomes everyone. We value our diverse workforce and suppliers, and we're proud to be an equal opportunity employer. Learn more at
Benefit amounts are estimates only. Actual values will depend on benefit elections during enrollment.
This position description is not all inclusive for every aspect of this role. Reasonable accommodation will be made for individuals covered by ADA, ADEA, FMLA and other laws and regulations in accordance with their requirements. Physical and mental demands are not and should not be construed to be job qualification standards, but are illustrated to help the employer, employee and/or applicant identify tasks where reasonable accommodations may need to be made when an otherwise qualified person is unable to perform the job's essential duties because of an ADA disability. Other qualifications may be required to ensure employment eligibility in accordance with local laws and regulations and with Safelite Group, Inc. policies and practices.
Lead Cyber Security SOC professionals in Columbus
-
Kylee Davidson
Data Science/Analytics
-
Muscab Ali
Cyber Security Major
-
Matthew Kowalski
Full Stack Developer