Senior Information Security Engineer

Fortune 500 Software Company

This is a great job with a leader in the InfoSec software industry!   In this role, you will work on complex Governance, Risk and Compliance projects for internal and external customers.

Principal Duties and responsibilities

  • Develop project requirements, objectives, plans, schedules and tasks for both IT and the business community related to compliance activities.
  • Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitating the timely resolution of any audit findings.
  • Ensure reports and findings are delivered in a timely and appropriate manner to management
  • Facilitate compliance with the internal control standards via regular monitoring of related activities using RSA Archer.
  • Execute multiple security control validation programs simultaneously with specific deadlines.
  • Recognizes and identifies potential areas where existing policies, standards and procedures require change.
  • Manage the progress of remediation steps on identified control deficiencies via RSA Archer.
  • Execute to successful completion of GRC work products.
  • Support additional internal and external compliance activity as part of the ISGRC team.
  • Utilize RSA Archer for reporting on various GRC projects.


  • Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors.
  • Experience with RSA Archer preferred.
  • Skilled in verbal and written communications with the ability to express medium complexity technical concepts in business terms.
  • Excellent teamwork and client service skills
  • Bachelor’s Degree combined with 3-6 years of related experience in IT Audit or Compliance.
  • Possession of the CISA designation required.
  • Possession of standard certifications in Information Security or Compliance preferred (CISSP, CISM, CRISC, PCIP, PCI ISA, or PCI QSA).
  • Experience with Information Security, Compliance & IT Management Standards; ISO27001, PCI-DSS, Trust Service Principles/SSAE-16 SOC1 & SOC2, SOX, HIPAA, GLBA, NIST 800-53, COBIT, & COSO
  • Strong understanding of business applications, including ERP and financial systems.
  • Knowledge of Enterprise Risk Management
  • Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
  • Proficiency with Microsoft Office software, Excel, Word, PowerPoint, Visio and SharePoint.
Upload your CV/resume or any other relevant file. Max. file size: 64 MB.

You can apply to this job and others using your online resume. Click the link below to submit your online resume and email your application to this employer.