Security Risk and Compliance Management Specialist IV
Mexico - Mexico City - Remote
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.
Compliance audit and Risk Management Expert who is ell-versed in multiple security compliance frameworks, third party (vendor) risk management, and process improvements.Strong experience in PCI v4, SOC 1, 2, & 3, HITRUST v11, and ISO 27001preferred.
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
Job Description
- Acts as an advocate in development of overall information security program globally. Creates and performs global IT Risk and Compliance assessments.
- For various compliance frameworks, performs gap assessments, coordinates remediation planning/execution, and works with auditors and system owners to ensure all audit requirements and controls are properly addressed and in place.
- Assists in development and execution of information security, compliance, and risk best practices globally through audits, assessments, and policy-making.
- Leads cross-functional team members in strategy development and implementation of risk framework and compliance solutions. Independently performs complex and often unique work assignments and problem resolution. Serves as the subject matter expert to ensure documents, projects, process, and product initiatives comply with regulatory and legal requirements and enterprise policy.
- Develops training and communication of Information Security, IT Risk, and compliance.
- Maintains expert knowledge of the competitive/regulatory landscape and company's key challenges. Coordinates and responds to regulatory requirements and requests, and ensures the execution of examinations.
- Conducts IT Risk and Information Security due diligence activities relative to vendors and third parties (TPRM).
- Develops and recommends compliance solutions impacting the enterprise. Develops Risk Assessment process, charters, policies, methodologies, and reports.
- Leads cross-functional workgroups, communication strategies, and planning meetings to develop solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
- Oversees implementation of operational and non-operational risk management programs by providing guidance and assistance to business units with the identification, evaluation, understanding, management, and communication of risk. Provides data and analytics in support of the risk officer and risk committees. Directs analysis and root cause identification.
- Conducts risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired. Ensures risk remediation plans meet key business objectives and partners with the business owners to follows through with corrective action steps. Develops appropriate data and analytics that deliver appropriate data to communicate risk at the executive level.
- Provides subject matter expertise on areas of security, privacy and regulatory compliance to Sales, Marketing, Product Development, Legal and Policy teams.
- Conducts detailed analysis of risk rating, risk appetite, and provides data driven summaries to business leaders. Documents and provides detailed analysis of findings where deviations exist through internal or external testing.
- Assists policy personnel in technical conversations with policy makers, industry bodies and other third-parties to advance Rackspace’s message.
- Provide feedback to product management in the development of trust-related features, and supports regional security and compliance accreditation projects.
- Develops internal control testing and documented processes.
- Updates internal control matrices where necessary to support annual changing environments.
- Adapts and creates processes as applicable, including changes in processes or reporting metrics.
- Executes as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
- Executes internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
- Responsible for adhering to company security policies and procedures as directed.
Required Experience
- 5+ years of experience. Experience in leadership in information security policy, standards, compliance, technology and programs a plus
- Must have at least one of the following active certifications: CISA, CISM, CISSP or CFE. Other related certifications such as ITIL, PMP, SANS/GSEC, CIPP, CRISC, CGEIT, CPA/CA are preferred, but not required.
- Discover your inner Racker: Racker Life
- Fluent, Bi-lingual (Spanish and English): interviews will be held in English.
- Role can work remotely in the states of Ciudad de Mexico, Jalisco, Nuevo Leon, Aguascalientes, Queretaro, Estado de Mexico and Puebla.
- This opportunity is a permanent remote job, but you need to be based in Mexico at one of the above locations.
- #LI-JR1
- #LI-Remote
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
7
0
0
Category:
Compliance Jobs
Tags: Analytics Audits Business Intelligence CIPP CISA CISM CISSP Cloud Compliance CRISC GSEC HITRUST ITIL Privacy Risk assessment Risk management SANS SOC SOC 1 Strategy
Perks/benefits: Team events
Regions:
Remote/Anywhere
North America
Country:
Mexico
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsTerraform jobsFinance jobsDoDD 8570 jobsBash jobsITIL jobsOWASP jobsUNIX jobsCRISC jobsGIAC jobsDocker jobsIntrusion detection jobsCompTIA jobs
TCP/IP jobsThreat detection jobsBanking jobsActive Directory jobsData Analytics jobsSANS jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsAnsible jobsSOC 2 jobsIT infrastructure jobsJavaScript jobsSOAR jobsDNS jobsSOX jobsJira jobsGCIH jobsSecurity strategy jobsNIST 800-53 jobsOracle jobsCryptography jobs