Security and Compliance Manager

Employer Active

1 Vacancy
The job posting is outdated and position may be filled
Job Location

Toronto - Canada

Monthly Salary

$ 190000 - 220000

Job Description

Job Details

Toronto ON Toronto Ontario
Fully Remote
$190000.00 - $220000.00 Salary/year

Description

The Security Manager is a fully remote position over the Information Security Team at CARET Legal, reporting to the SVP Cloud Engineering and Technology. This position owns the success of the Cyber Security & Compliance Programs that keep CARET's business enterprises secure while protecting the CARET brand with our loyal customer base. The person manages and participates with the team for all aspects related to the day-to-day operations of the Security and Compliance Dept. With the SVP, they will own, create, and deliver department goals that encompass the defense in depth and zero trust services that support our customers. The manager will work directly with department leaders to continually improve CARET's Security posture while striking a balance between business needs, risk, and security requirements.

The Security Manager should have a strong and demonstrated business sense and experience in Cyber Security across Cloud Security (CloudSec), Vulnerability Management & Response (VMR), and Governance, Risk, Compliance (GRC) in SOC2, PCI-DSS, GDPR & ISO 27001. Your experience should be supported by extensive and diverse experience in leading high-profile technical programs and projects. Your capability to review and advise on Security matters should span into the domain knowledge of Systems and Cloud Engineering, Network Operations, and Application Development.

Responsibilities

  • Lead the daily operations of the Security Engineering and Compliance department
  • Advise executives on the best strategies for optimizing the security of our data systems and business processes
  • Review and update security and privacy policies and roadmaps
  • Design, implement, manage, and automate robust cybersecurity solutions to safeguard our networks, systems, and applications.
  • Conduct thorough security assessments and risk analysis to identify vulnerabilities and recommend appropriate measures for mitigation.
  • Collaborate with cross-functional teams to integrate security best practices into the development lifecycle of applications and infrastructure.
  • Monitor and respond to security incidents, conduct incident investigations, and implement incident response strategies.
  • Stay abreast of emerging threats and vulnerabilities and proactively implement measures to counteract potential risks.
  • Develop and deliver cybersecurity training programs to educate staff on security best practices and promote a security-conscious culture.
  • Evaluate and recommend new technologies, tools, and methodologies to enhance our cybersecurity posture.
  • Conduct regular security audits and assessments to ensure compliance with industry standards and regulatory requirements.
  • Provide expertise and guidance on security-related matters to internal stakeholders and leadership.

Qualifications

  • Minimum 2 years in a People Manager role of a Security team with demonstrable experience in growing individuals
  • Minimum 5 years of continuous experience in Cyber Security in addition to experience in other domains such as Engineering, Operations, and/or Compliance
  • Experience in Vendor Management and product and service comparisons to include decision making of buy versus build
  • Deep technical knowledge of Cyber Security, DevOps, and InfraOps is preferred
  • Security Architecture principles (Defense-in-Depth, Secure by Design, Zero Trust, etc.)
  • Experience in varied environments (Azure, AWS, Private Cloud)
  • Experience in varied technologies (IaC, SDN, Firewalls, Servers, Containers, Serverless, Endpoints, Collaboration, etc.)
  • Security Program Phases (Risk Assessment, Architecture and Design, Implementation, Operations and Monitoring)
  • Strong organization and leadership skills with the ability to facilitate technical sessions and capable of communicating complex technical information to a non-technical audience and mentor and coach technical staff
  • Certification in at least one of the following: CISA, CISM, or CISSP
  • Knowledge of NIST, CIS, ISO, OWASP, and other applicable Security Industry Standards and Best Practices
  • Experience with Microsoft Defender, Rapid7, CoalFire, and Trivy are positives

Benefits

  • Flexible PTO
  • Certification(s) reimbursement
  • Summer Fridays
  • No meeting Fridays
  • Extended Medical, Dental, Paid Sick Days, Vision, Life Insurance, and Disability Leave Coverage
  • RRSP & Employer match

Equal Employment Opportunity: CARET is an Equal Opportunity Affirmative Action Employer.

The compensation information below is provided in compliance with job posting disclosure requirements.

Pay range: $190000 - $220000. Actual base pay will depend on varying circumstances including the position, location, individual qualifications, market finances, and other operations business needs.

Depending on the position, compensation may also include commission, bonuses, etc. Potential for bonuses is based on company performance and potential for merit increases is based on performance.


Required Experience:

Manager

Employment Type

Unclear