Security Risk and Compliance Management Specialist III
Mexico - Mexico City - Remote
Applications have closed
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.
Leads the security policy management function within GRC end-to-end.
-Responsible for running policy workshops to triage policy intake request for the modification and/or creation of new policies, control standards, and procedures. This may also include troubleshooting ownership issues, or anything related to policies such as correlation to compliance frameworks, risks or general cybersecurity events and evolution.-Responsible for facilitating the annual policy attestation cycle where owners must leverage the GRC tool, Archer to sign off or modify their control statements. This includes working together with partners across the organization who need support navigating the intricacies of policy management.-Supporting all issues related to policy management.-POC for everything Policy Mgmt. within GRC and for partnering areas.-Setting long term goals and strategies to evolve policy mgmt.
Leads the Security Awareness Training (SAT) function within GRC end-to-end.
-Responsible for security onboarding for all new recruits as well as annual security refresher training. This includes maintaining current content, creation of new content, leveraging our tools for content changes and working with learning center management peers.-Lead for National Cyber Security Awareness Month. This includes creation of the schedule of events, and executing the plan – workshops, webinars, training, games, prize, tech talks etc.-Lead for hosting phishing program and campaigns to increase employee vigilance. This includes creating the plans, testing, prepping with technical areas to ensure conflicts don’t arise, analyzing the data during and after the phishing campaigns. This also includes fixing any and all issues that may arise regarding tool conflicts, false positives etc.-Familiarity with common SAT platforms such as ProofPoint, KnowBe4, OneTrust, Archer etc.-Lead for ad-hoc training and role-based training per utilized SAT platforms. Expand upon SAT program to host periodic training by function, group etc.-Support other areas who rely on security training or awareness needs.
-Responsible for running policy workshops to triage policy intake request for the modification and/or creation of new policies, control standards, and procedures. This may also include troubleshooting ownership issues, or anything related to policies such as correlation to compliance frameworks, risks or general cybersecurity events and evolution.-Responsible for facilitating the annual policy attestation cycle where owners must leverage the GRC tool, Archer to sign off or modify their control statements. This includes working together with partners across the organization who need support navigating the intricacies of policy management.-Supporting all issues related to policy management.-POC for everything Policy Mgmt. within GRC and for partnering areas.-Setting long term goals and strategies to evolve policy mgmt.
Leads the Security Awareness Training (SAT) function within GRC end-to-end.
-Responsible for security onboarding for all new recruits as well as annual security refresher training. This includes maintaining current content, creation of new content, leveraging our tools for content changes and working with learning center management peers.-Lead for National Cyber Security Awareness Month. This includes creation of the schedule of events, and executing the plan – workshops, webinars, training, games, prize, tech talks etc.-Lead for hosting phishing program and campaigns to increase employee vigilance. This includes creating the plans, testing, prepping with technical areas to ensure conflicts don’t arise, analyzing the data during and after the phishing campaigns. This also includes fixing any and all issues that may arise regarding tool conflicts, false positives etc.-Familiarity with common SAT platforms such as ProofPoint, KnowBe4, OneTrust, Archer etc.-Lead for ad-hoc training and role-based training per utilized SAT platforms. Expand upon SAT program to host periodic training by function, group etc.-Support other areas who rely on security training or awareness needs.
Required Skills
- Strong understanding of Archer GRC Tool. Development is not a must but navigation is.
- Strong communication skills, ability to navigate across departments and network with various employees across the department to solve issues, host trainings, run meetings and workshops etc.
- Supports the maturity of Governance function.
- Develops documentation related to GRC Platform.
Required Experience
- Minimum of 5-8 years of practical information security experience in developing and maintaining secure architectures for large enterprises is preferred.
- Discover your inner Racker: Racker Life
- Fluent, Bi-lingual (Spanish and English): interviews will be held in English.
- Role can work remotely in the states of Ciudad de Mexico, Jalisco, Nuevo Leon, Aguascalientes, Queretaro, Estado de Mexico and Puebla.
- This opportunity is a permanent remote job, but you need to be based in Mexico at one of the above locations.
- #LI-JR1
- #LI-Remote
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
0
0
Category:
Compliance Jobs
Tags: Business Intelligence Compliance Governance
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
Country:
Mexico
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsInformation Security Manager jobsSenior Network Security Engineer jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsIT Security Analyst jobsSenior Cyber Security Engineer jobsSystems Engineer jobsChief Information Security Officer jobsSystems Administrator jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsPrincipal Security Engineer jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsCloud Security Architect jobsInformation Systems Security Engineer jobs
GDPR jobsEncryption jobsPowerShell jobsDevSecOps jobsEDR jobsSaaS jobsIDS jobsSplunk jobsSDLC jobsRMF jobsIPS jobsTop Secret jobsSQL jobsIntrusion detection jobsBash jobsThreat detection jobsActive Directory jobsCompTIA jobsDoDD 8570 jobsITIL jobsOWASP jobsDocker jobsBanking jobsCRISC jobsUNIX jobs
Finance jobsTCP/IP jobsClearance Required jobsGIAC jobsCISO jobsIndustrial jobsTerraform jobsHIPAA jobsIT infrastructure jobsSOC 2 jobsSANS jobsJavaScript jobsVPN jobsOSCP jobsCCSP jobsMITRE ATT&CK jobsSOAR jobsJira jobsDNS jobsSOX jobsData Analytics jobsPolygraph jobsNIST 800-53 jobsGCIH jobsSecurity strategy jobs