- Develop and implement comprehensive security strategies and policies in alignment with and leading to ISO 27001, SOC2, and PCI certification
- Perform and manage governance, risk, and compliance (GRC) assessments
- Manage security certifications and compliance documentation
- Alert management to emerging trends in security incidents and threads
- Formulate and update security, privacy, and compliance standards, policies, and best practices according to evolving industry standards; stay informed on the latest security trends, threats, and technologies
- Inform decisions throughout the organization in matters regarding security, privacy, and compliance; work with appropriate leadership to establish enforcement guidelines and procedures
- Participate in and administer the selection and acquisition of security tools and technologies
- Assess and improve existing security measures and capabilities including but not limited to vulnerability management, incident management, BCP, endpoint protection, firewalls, and intrusion detection systems
- Assist in monitoring of network traffic for unusual activity and potential threats and take appropriate measures to counteract these threats
- Conduct regular security audits and risk assessments and recommend enhancements to management
- Collaborate with other departments to establish security best practices, vulnerability resolution, and ensure compliance with security regulations; act as liaison between IT, legal, and other departments to integrate security and compliance measures seamlessly into business processes
- Lead incident response efforts, including investigation and mitigation of security breaches or incidents
- Implement and manage security awareness training programs across the organization and provide guidance on security best practices to staff
- Oversee the installation and management of security software and hardware
- Coordinate with vendors and third-party service providers to secure network and information systems
- Identify, implement, and manage robust and industry-standards compliance processes and control to ensure compliance with CCPA and GDPR
- Drive R&D and engineering processes with security measures and process improvements
- Lead and manage the implementation and operation of SAST and DAST across the organization's products
- Lead and manage the implementation and operations of vulnerability management across information systems and application systems
- Serve as the primary point of contact for security incident management
- Escalate problems and incidents with accurate documentation to suitable stakeholders, when required
- Maintain all security, privacy, compliance documentation including policies, best practices, guidelines, and reporting KPIs
- BA/BS in Computer Science, Computer Information Systems, Management Information Systems, Cybersecurity, or related field
- Relevant certifications such as CISSP, Security+, CISA, CISM, CEH, CIPP, CIPT are preferred
- 5+ years' professional experience in a similar role or a role involving security/privacy compliance
- Experience with security, privacy, compliance, and IT audits including GRC implementation and management
- Experience and knowledge of ISO27001, SOC2, and PCI certification, along with security frameworks and compliance including NIST, GDPR, and CCPA
- Experience articulating security standards and processes in response to RFP and government questionnaires
- Experience supporting R&D and engineering teams with penetration and vulnerability assessment and resolution management including implementation of secure SDLC
- Experience building policies and procedures for mid-large businesses to reach required security certifications and/or compliance
- Knowledge and experience with security tools and technologies similar but not limited to Rapid7, Security Scorecard, Invicti, Crowdstrike, and/or Knowbe4
- Proficiency designing and enforcing security standards, processes, and guidelines
- Demonstrated ability to work independently with general guidelines and little supervision; solutions-driven with a focus on delivering the right outcomes for a secure business
- Ability to conduct research into a wide range of computing issues as required
- Highly self-motivated with an attention to detail and an aptitude to learn; ability to absorb and retain information quickly
- Experience working in a team-oriented, collaborative environment; demonstrated mature and professional approach to work with an ability to instill a high level of confidence with others
- Excellent troubleshooting and problem-solving skills within a multi-faceted environment
- A cooperative approach to "go the extra mile" to achieve results
- Exceptional customer service skills and the ability to handle stressful situations
- Effective written and oral communication skills and interpersonal skills in dealings with team members and other stakeholders
- Superior command of written English with a demonstrated ability to produce quality documentation
- Ability to manage simultaneous projects and respond to change effectively
-
Security & Compliance Engineer
3 weeks ago
Trapeze Group Maryland Line, United StatesJob Summary: · We are seeking a skilled and knowledgeable Security and Compliance Engineer to join our information technology and security team. As a Security and Compliance Engineer, you will play a crucial role in maintaining and enhancing our security posture and ensuring comp ...
-
Mgr Plant Tech Sevices-DICP
1 week ago
Wells Enterprises Dunkirk, United States Full timeOversees the day-to-day activities of plant technical services organization that ensures reliability and performance across all production, support, and engine room (utility) equipment within the operation. Drives the development of objectives, strategies and plans within tech se ...
-
GCP Engineer
3 days ago
Photon Maryland Line, United StatesJob Description · Responsibilities:Infrastructure as Code (IaC):Design, implement, and manage infrastructure as code using Terraform for GCP environments.Ensure infrastructure configurations are scalable, reliable, and follow best practices.GCP Platform Management:Architect and ...
-
Electrical Engineer
2 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job DescriptionELECTRICAL ENGINEER · Maintenance Department · Position Overview: · Effective deployment of capital dollars and resources targeted at the implementation of equipment improvement and sustainability strategy projects. Project management of engineeri ...
-
Technical Manager
2 weeks ago
Universal Stainless & Alloy Products Dunkirk, United States Full time SalaryDunkirk Specialty Steel, LLC, produces semi-finished and finished specialty steel long products and plate including nickel alloy, stainless steel, tool steel and aircraft quality low alloy steels. Our products, which are sold to service centers, forgers, re-rollers and original e ...
-
Network Engineer
2 days ago
Marathon TS Maryland Line, United StatesMarathon TS is looking for a Network Engineer to provide the following: · Proactively review and assess existing physical, logical, and virtual network architecture, including specific configuration information for network device hardware and software such as Quality of Service ...
-
Production Supervisor
2 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job Description OPERATIONS SUPERVISOR · Position Overview · Perform daily management of personnel performing final dimension of bar products, packaging bar, rod and wire products, scheduling customer deliveries, purchasing, freight and loading product for deliv ...
-
Operations Supervisor
2 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job DescriptionDunkirk Specialty Steel, LLC, produces semi-finished and finished specialty steel long products and plate including nickel alloy, stainless steel, tool steel and aircraft quality low alloy steels. Our products, which are sold to service centers, f ...
-
Senior Network Engineer
2 days ago
XpressBet Maryland Line, United StatesReady to take a different path? Passionate about Technology? Love horse racing? Eager to work in a rapidly growing gaming industry? Fascinated by the world of gambling and casinos? If you answered YES to any of these questions, 1/ST TECHNOLOGY could be the right fit for you · Ba ...
-
Manager Maintenance
2 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job DescriptionMAINTENANCE MANAGER · Position Overview · Direct efforts of maintenance department personnel and provide instruction to develop mechanical and electrical skills. Apply knowledge of maintenance methods and processes. · Essential Job Functions · Co ...
-
Technical Manager
2 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job DescriptionDunkirk Specialty Steel, LLC, produces semi-finished and finished specialty steel long products and plate including nickel alloy, stainless steel, tool steel and aircraft quality low alloy steels. Our products, which are sold to service centers, f ...
-
Cybersecurity Analyst
2 days ago
Kairos Maryland Line, United StatesKAIROS, Inc is searching for an energetic, experienced, and highly motivated Cybersecurity Analyst, to join our team. This position is a remote position that will require travel both stateside (CONUS) and overseas (OCONUS). · Established in July 2013, KAIROS, Inc. is a growing W ...
-
Offensive Fires Subject Matter Expert
2 days ago
T2S Solutions LLC Maryland Line, United StatesSummary: · We are in search of a dynamic and forward-thinking Offensive Fires Subject Matter Expert to join our team. This crucial role involves spearheading the integration of industry, technology, and innovation into the development of comprehensive offensive fires strategies. ...
-
Software Engineer
1 week ago
SW Complete Maryland Line, United StatesCompany Description · Synergy ECP is a Service Disabled Veteran-Owned Small Business SD(VOSB) that was formed in July 2007 with Headquarters in Columbia, MD and is made up of talented, dedicated staff to provide a broad range of services to the defense, intelligence and health c ...
-
Information System Security Officer(ISSO) I
2 days ago
Chiron Technology Services Maryland Line, United StatesOverview · Chiron Technology Services, Inc. currently has an Information System Security Officer I career opportunity in the Annapolis Junction, MD area. An active TS/SCI w/Polygraph Clearance is required for this position. · Requirements: Minimum 5 continuous years of work exp ...
-
Integration Architect Manager
1 day ago
McCormick & Co Inc Maryland Line, United StatesYou may know McCormick as a leader in herbs, spices, seasonings, and condiments - and we're only getting started. At McCormick, we're always looking for new people to bring their unique flavor to our team. · McCormick employees - all 14,000 of us across the world - are what make ...
-
Linux Systems Administrator
3 weeks ago
Fuse Engineering Maryland Line, United StatesPatching servers and workstations with Red Hat Satellite server · STIG compliance applied to all machines (assuming it makes sense to do so) · Maintaining STE compliance (SEAR logs, UAM reporting, McAfee reporting, Nessus Agent scanning) · Work with ESXi and vCenter to ensure ...
-
Electrical Engineer
3 weeks ago
Universal Stainless Dunkirk, United StatesJob Description · Job Description · ELECTRICAL ENGINEER · Maintenance Department · Position Overview: · Effective deployment of capital dollars and resources targeted at the implementation of equipment improvement and sustainability strategy projects. Project management of engi ...
-
Permitting Specialist
3 weeks ago
Image Engineering Maryland Line, United StatesJob TypeFull-timeDescriptionImage Engineering was founded as a company that pushes boundaries, develops new ideas through design and fabrication, and is a leader in the visual display and special effects industry. We are comprised of a team of artists, engineers, event producers, ...
-
Senior Lead Developer
4 days ago
Infinite Computer Solutions Maryland Line, United StatesJob description · Job description : · Job Description: · Our company is seeking a highly skilled and experienced Software Engineer to join our team, specializing in Microsoft Azure Datalakes. As a Software Engineer, you will play a key role in designing, developing, and mainta ...
Security & Compliance Engineer - Maryland Line, United States - Trapeze Group
Description
Job Summary:We are seeking a skilled and knowledgeable Security and Compliance Engineer to join our information technology and security team. As a Security and Compliance Engineer, you will play a crucial role in maintaining and enhancing our security posture and ensuring compliance with various regulatory standards such as GDPR, CCPA, PCI-DSS, ISO 27001, etc. You will work closely with the Security Analyst as well as cross-functional teams to implement and monitor security measures, conduct regular audits, and ensure that all practices adhere to legal and regulatory requirements.
In this role, you will be responsible for designing, implementing, maintaining, informing, and enforcing the security, privacy, and compliance programs, systems, and controls of our organization to protect our data and network infrastructure. You will be tasked with identifying vulnerabilities, implementing security measures, and responding to security breaches. The Engineer will also serve as the subject matter expert (SME) regarding security, privacy, and compliance controls.
Our organization is committed to maintaining the highest standards of data security and privacy across our global operations. We are dedicated to implementing and overseeing robust security measures in line with international compliance standards.
Job Description:
Core Responsibilities
Strategy & Planning
Education
We are a hybrid-remote workplace combining in-office and remote work to varying degrees based on role requirements and employee location. This position may involve occasional travel within North America.
This position may require the ability to participate in an on-call roster rotation and flexibility regarding varied work hours required to address outages.
Worker Type:
Regular
Number of Openings Available:
1
