Senior Trust Assurance Specialist

United States

DigiCert

DigiCert is the leading TLS/SSL Certificate Authority specializing in digital trust solutions through DigiCert ONE, the first platform built for mastering PKI, IoT, DNS, Document, and software trust.


Who we are

We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.

 

Job summary

We are seeking a Senior Trust Assurance Specialist to join the Trust Office team at DigiCert. The successful candidate will have at least 5 years of experience in compliance, risk management, or internal audit, with a strong background in ISO 27001, SOC 2, and other relevant cybersecurity standards. This role requires an individual with strong knowledge of regulatory frameworks, exceptional analytical and organizational skills, and the ability to communicate and collaborate effectively with internal and external stakeholders. The role will report to DigiCert’s Head of Compliance and will be part of the Trust Office team.

 

What you will do

  • Regulatory Compliance: Ensure compliance with WebTrust for CAs, ISO 27001, NIST 800-53 r5, NIST 800-63, FISMA, and other regulatory and industry frameworks.
  • Audit and Assessment Management: Prepare for and support internal and external audits, including SOC 2, WebTrust, and other compliance reviews.
  • Risk Management: Provide input into DigiCert’s risk management program.
  • Policy Development: Provide input and review for relevant DigiCert internal policies and procedures. Ensure appropriate controls are designed and implemented throughout the environment to comply with security policies and procedures.
  • Stakeholder Collaboration: Work closely with Security, IT, Legal, and Operations teams to ensure compliance objectives are met.
  • Stay informed of emerging regulatory trends and changes, advising senior management on potential impacts and necessary adjustments to the compliance program.
  • Serve as a liaison with relevant regulatory bodies, agencies, and external auditors, managing communications and coordinating inspections or investigations.
  • Collaborate with Legal, Finance, HR and other departments to ensure cohesive compliance strategies and responses to regulatory issues.
  • Help foster a culture of compliance and security throughout the organization.
  • Any other similar related activities as assigned.

 

What you will have

  • Minimum bachelor’s degree in law, compliance, computer science or related field.
  • 5+ years of experience in compliance, risk management, or internal audit, preferably in a cybersecurity, PKI, or cloud environment.
  • Strong knowledge of PKI, digital certificates, and cryptographic security principles.
  • Experience with standards such as WebTrust for CAs, SOC 2, ISO 27001, FIPS 140-2/3, and NIST frameworks (800-53 r5, 800-63).
  • Experience engaging with regulatory bodies, auditors, and external auditors.
  • Experience writing and evaluating control design.
  • Certifications such as CISSP, CISM, CISA or CRISC are highly desirable.
  • Excellent analytical, organizational and communication skills.
  • Experience with compliance and risk management software and the ability to leverage technology for efficient compliance monitoring and reporting.

 

Benefits

DigiCert offers a competitive benefits package for all of our full-time employees. 

DigiCert is an Equal Opportunity employer and is committed to diversity in its workforce. In compliance with applicable federal and state laws, DigiCert prohibits discrimination on the basis of race or ethnicity, religion, color, national origin, sex, age, sexual orientation, gender identity/expression, veteran’s status, status as a qualified person with a disability, or genetic information. Individuals from historically underrepresented groups, such as minorities, women, qualified persons with disabilities, and protected veterans, are strongly encouraged to apply.

 


Tags: Audits CISA CISM CISSP Cloud Compliance Computer Science CRISC E-commerce Ecommerce Encryption Finance FIPS 140-2 FISMA ISO 27001 Monitoring NIST NIST 800-53 NIST Frameworks PKI Risk management SOC SOC 2

Region: North America
Country: United States
