Job Type
Job Details
Cox Communications, Inc. (CCI) is searching for a Cyber Risk and Compliance Senior Manager , who will report to the Senior Director of Governance, Risk, and Compliance at RapidScale . This individual will contribute to the compliance and governance activities related to multiple frameworks and regulatory requirements including SOC 2, PCI DSS, HITRUST, ISO 27001, NIST 800-53, GDPR, and HIPAA. This is an exciting position for the right candidate. This individual will assist in establishing and sustaining a continuous evaluation framework to track that compliance activities are being documented and effectively adhered to. The individual will also help evolve the compliance and Cybersecurity programs to rely on more effective, efficient processes and enable scalability for future compliance initiatives. This individual must exhibit accountability for the compliance projects and tasks assigned to them while continuing to drive actions across multiple teams. The successful candidate should complement the rest of the teams capabilities and should be details oriented.
Responsibilities:
-
Utilize technical experience to collaborate with cross functional teams to validate they are effectively implementing relevant security controls, understand their operations, and compliance with corporate standards.
-
Monitor and enhance the controls necessary to achieve and maintain SOC 2, PCI DSS, HIPAA, NIST 800-53, ISO 27001, GDPR, and other compliance requirements. Routinely test controls as required.
-
Assist external parties delivering projects related to compliance or other security initiatives.
-
Facilitate and provide governance over internal assessments and external audits of the compliance programs.
-
Develop, revise, and maintain remediation plans in coordination with the remediation owners. Track the remediation plans to closure.
-
Manage and develop the cyber security control frameworks supporting security compliance objectives.
-
Maintain tools and processes that enable governance of compliance.
-
Assist in the development of key reporting metrics and executive presentations to promote awareness and support of compliance programs.
-
Performance of other duties and responsibilities as assigned.
Minimum:
-
BA degree Cybersecurity, Computer Science, IT Management or other directly related field 8 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 6 years’ experience; a Ph.D. and 3 years’ experience in a related field; or 20 years’ experience in a related field.
-
5+ years information security controls, information technology audit, or security risk management, OR
-
5+ years progressive cyber experience which includes technical competencies such as working in a Security Operations Center, incident response, penetration testing, network engineering, etc.
-
Ability to influence across functional teams to achieve desired business results.
-
Excellent verbal and written communication skills.
-
Strong attention to detail, well organized, and able to manage time effectively.
Preferred:
-
Demonstrated experience with at least 3 of the following: SOC 2, PCI DSS, HITRUST, HIPAA, ISO 27001, and NIST 800-53.
-
A Background in 2 or more of Finance, Healthcare and Cloud security compliance preferred.
-
Experience working with ServiceNow
-
Professional services audit or consulting background.
-
2+ years as a cyber security consultant in any relevant field.
-
At least one relevant industry certification, for example: CISSP, CISA, CISM, CRISC.
Compensation:
Compensation includes a base salary of $129,100.00 - $215,100.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.
