Senior Security and Compliance Engineer

Employer Active

1 Vacancy
The job posting is outdated and position may be filled
Job Location

Woburn, MA - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

A Senior Security Compliance Engineer is responsible for ensuring that an organization's information systems and processes meet specific security and regulatory requirements. This role is responsible for maintaining compliance with various laws, regulations, and industry standards, and for helping to identify and mitigate security risks to safeguard company data. The role involves collaboration with various teams to establish, monitor, and enforce security controls.

Key Responsibilities:

  1. Compliance Management:
    • Monitor and enforce compliance with security standards, policies, and regulations such as GDPR, HIPAA, PCI DSS, SOC 2, ISO 27001, and others.
    • Conduct regular internal audits to ensure adherence to security best practices and regulatory frameworks.
    • Assist in preparing for external audits, ensuring necessary documentation and evidence are in place.
  2. Risk Assessment:
    • Assess and evaluate potential security risks in systems, applications, and processes.
    • Conduct vulnerability assessments, risk assessments, and gap analyses to identify areas of noncompliance or weaknesses.
    • Recommend corrective actions or enhancements to improve security and compliance posture within the Sirtex landscape.
  3. Security Framework Implementation:
    • Develop, implement, and maintain security policies and procedures aligned with industry standards and regulatory requirements.
    • Ensure proper implementation of controls (e.g., encryption, authentication) to meet compliance requirements.
  4. Collaboration:
    • Work with the Director of IT and operations, along with legal and other relevant teams, to ensure compliance with internal and external security standards.
    • Provide guidance on security best practices for internal projects, system deployments, and new product launches.
  5. Documentation & Reporting:
    • Maintain accurate documentation of compliance activities, audits, risk assessments, and findings.
    • Prepare reports and presentations for senior management highlighting compliance status, risk assessments, and recommendations.
  6. Incident Response:
    • Participate in incident response activities related to security breaches, ensuring timely reporting and corrective actions in line with regulatory requirements.
    • Assist in maintaining and testing disaster recovery and business continuity plans.
  7. Training & Awareness:
    • Conduct regular training sessions for employees regarding security policies, compliance requirements, and best practices.
    • Promote awareness of security issues within the organization and ensure compliance with security practices.

Qualifications:

Required Skills and Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 10 years of experience in information technology along with information security and compliance
  • In-depth knowledge of information security frameworks (e.g., ISO 27001, NIST) and compliance standards (e.g., GDPR, HIPAA, PCI DSS)
  • Strong experience in risk assessment, security auditing, and penetration testing
  • Proficiency in using and managing cybersecurity tools and technologies
  • Experience with cloud security in platforms such as AWS, Azure, or GCP
  • Scripting skills in languages such as Python or PowerShell
  • Familiarity with implementing and maintaining security controls across diverse IT environments
  • Understanding of current cybersecurity threats and trends
  • Knowledge of data protection and privacy regulations
  • Excellent analytical and problem-solving skills with a strong attention to detail
  • Large-scale project management skills
  • Effective communication skills, both written and verbal
  • Ability to work efficiently in a fast-paced, dynamic environment
  • Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are preferred

Desirable Skills:

  • Experience with regulatory frameworks specific to the industry (e.g., finance, healthcare, government).
  • Knowledge of cloud platforms (AWS, Azure, Google Cloud) and their security/compliance requirements.
  • Familiarity with tools like GRC (Governance, Risk, Compliance) platforms, vulnerability scanners, and SIEM systems.

This role is critical for organizations aiming to stay ahead of evolving security threats and regulatory requirements, and ensures the integrity, confidentiality, and availability of information assets.


Additional Information:

The target base salary range for this position will range from $125,000 to $158,000 annually. Individual compensation for this job requisition will be based on nondiscriminatory factors, including your geographic location, skills, experience, education, and other factors as they relate to the position requirements. Actual compensation may vary depending on the confirmed job-related skills and experience.

In addition to the expected base compensation, this role is eligible to participate in Sirtex's incentive programs (target bonus of 10 for this position) and benefit plans, which include paid sick and vacation time, health insurance, and a generous 401k matching program.

Do you want to be part of something bigger? A team whose impact stretches across the globe, making a real difference to the quality of people's lives. Sirtex recognizes that wellbeing, financial health, and work-life balance are crucial for our employees to achieve personal success.

Sirtex offers qualified candidates:

  • Diverse and flexible work arrangements to achieve the optimum balance between work and personal responsibilities.
  • A culture of respect, diversity, collaboration, and innovation, fostering inclusiveness and superior performance.
  • Attractive compensation and benefit packages which are practical, robust, and equitable.
  • A commitment to support ongoing professional growth through career development, on-the-job experiences, and training opportunities.
  • Challenging work which supports the development of new and better ways to improve clinical outcomes for oncology treatment around the world.
  • An unwavering commitment to company values, employee safety, and excellence in everything we do.

Diversity drives innovation; inclusion fosters belonging, growth, and success. Sirtex believes that it takes multiple perspectives and voices to create a culture and workplace which fosters engagement, teamwork, and employee satisfaction to perform our best and deliver on commitments. We are dedicated to fostering an environment where all employees feel valued, included, and can share their ideas so that we can exceed even our own expectations.

Sirtex is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other characteristic protected under applicable law. Sirtex will make reasonable accommodations for qualified individuals with known disabilities in accordance with applicable law.


Remote Work:

No


Employment Type:

Full-time
