Senior Information Security Compliance Technician - Lake Oswego, United States - NAVEX Global

    NAVEX Global
    NAVEX Global Lake Oswego, United States

    2 weeks ago

    Default job background
    Description

    It's fun to work in a company where people truly BELIEVE in what they're doing

    We're committed to bringing passion and customer focus to the business.

    Position Summary:

    As a key member of our Information Security department, you will participate in our vulnerability management process by managing customer PEN tests and performing internal infrastructure and application vulnerability scans. In addition, you will help customers realize the value of our integrated risk and compliance management products and services. In partnership with our RFP Specialist, Sales and Legal functions, you will catalog and describe our technical capabilities and the security controls we have in place in order to drive revenue and customer retention.

    We Offer You:

    • An Inspiring Culture. Invested teammates, belonging groups, and a socially determined culture
    • Meaningful Work. Innovative products and solutions with real life impact for people and organizations
    • Career Growth. Stellar training and an unwavering commitment to your growth and success
    • Life Flexibility. Time to care for yourself, your loved ones, and your community
    • Industry Leadership. A highly reputable, fast growing and consistently profitable organization
    • Real Rewards. Competitive and transparent pay practices, wellbeing programs and benefits with choice
    What You Will Do:
    • Complete request for proposals and technical questionnaires from prospects and customers
    • Assist in maintaining and refining a master database of technical responses
    • Help maintain technical policies and procedures used by Hosting, Product Engineering and Internal Infrastructure
    • Participate in business continuity exercises and the implementation of technical policies and procedures
    • Assist in customer on-site and remote audits
    • Coordinate application and infrastructure penetration (PEN) tests
    • Participate and/or lead our vulnerability management process
    • Help prepare for and orchestrate operational and security assessments
    What You Will Need:
    • A bachelor's degree preferred with an emphasis on information technology or computer science
    • 1+ years' experience in networking, systems support, software development or information security
    • Working knowledge of network and application scanning tools (i.e. Rapid7 InsightVM, Rapid 7 AppSec, BurpSuite Pro, Nmap)
    • Familiarity with the ISO 27000 framework and/or SOC 2 compliance standards
    • Existing or willingness to obtain security certifications (e.g. Security+, CISSP, CEH, etc.)
    • Familiarity with creating and implementing technical and information security policies and procedures, and technical writing in a SaaS environment
    • Strong presentation skills, project planning and scoping experience
    • Excellent verbal and written communication skills and a commitment to collaborate with people across a variety of levels with different backgrounds
    We believe each member of our team deserves to see a path forward to achieving their career and financial goals.
    • Each team member is required to have a career plan in place and reviewed with their manager after six months with our team.
    • The starting pay range for this role is $65,000.
    • Pay progression is based on performance.
    Our pay programs are just one element of our commitment to Be the ONE place you want to thrive in life. Check out NAVEX's career page to learn about our innovative people programs designed to create one powerful life experience for YOU

    NAVEX is an equal opportunity employer, including disability/vets.

    If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us