Manager, Security and Compliance at The Judge Group Inc. in New York, New York

Posted in Other about 2 hours ago.





Job Description:

Location: REMOTE

Description:
Company: Top technology corp

Position: Compliance Lead/Manager

Location: 100% Remote


Note from the Manager:


I am looking for candidates that have hands-on, end to end PCI/SOC2 leading experience. Experience with customer engagements, or RFPs or Security questionnaires is a value add. Any technical experience working with the tools in the security ecosystem is a value add. Past experience with larger organizations and banks leading PCI/SOC2 experience is nice to have.


Job Description

Position: Manager, Security and Compliance

Oversee Security and Compliance for the business unit, for a SaaS Online Booking Tool (OBT) for business travel. Develop a multiyear roadmap and manage execution against it.

Hands-on keyboard manager with experience wearing a lot of hats.

Experience leading security for a business unit or division as part of a larger enterprise is a plus.

Experience with, and an understanding of, business risk appetite and tolerance.

Experience engaging stakeholders to gain support for initiatives.

Travel industry experience is a plus.

SaaS experience is a plus.

Experience managing and working with teammates across multiple time zones and continents is a plus.

Develop and maintain strategy for SOC 2 Type 2 and PCI-DSS attestations. Work with audit support contractors to plan and execute audits.

Experience with PCI-DSS as a Service Provider.

Experience with PCI-DSS 4 is a plus.

Experience with SOC 2 Type 2 audits.

Work with the Chief Privacy Officer to maintain the business's data privacy program.

Experience with GDPR, CCPA/CPRA is a plus.

Experience leading privacy for a multinational SaaS product is a plus.

Lead product security efforts. Develop product security / SDLC strategy that includes SAST, DAST, and OSS scanning.

Experience with SAST, DAST, and OSS scanning.

Experience with Fortify On-Demand and Nexus IQ is a plus.

Experience with SDLC for security and integration with CI/CD pipelines is a plus.

Experience with container security management is a plus.

Lead vulnerability management program.

Experience with industry-standard vulnerability tools.

Experience in evaluating vulnerabilities in a Linux environment.

Experience developing metrics and tracking remediation.

Experience with Qualys suite is a plus.

Lead Incident Response process in collaboration with the NOC team.

Experience with structuring Incident Response process.

Experience with Splunk is a plus.

Experience with Crowdstrike is a plus.

Lead Third-Party Risk Management program.

Experience with vendor assessments for SOC 2 and PCI.

Experience with GDPR sub-processor and controller transfer requirements.

Lead with RFP responses and customer engagement.

Experience with contract review.

Experience engaging customer security teams.

Experience with Responsive is a plus.

Experience creating customer white papers is a plus.


Contact: ckelly@judge.com


This job and many more are available through The Judge Group. Find us on the web at www.judge.com