Senior InfoSec Auditor (Germany, Remote)

Who We Are:

 

The Company

Ivanti is a global technology leader, enabling organizations to thrive in the Everywhere Workplace – automating the tasks that discover, manage, secure and service all of their IT assets. We deliver innovative solutions to exceed customer expectations.

Ivanti's platform makes it possible for employees to stay productive, secure and engaged wherever they are. That starts with us. With headquarters in Utah, offices in London and Paris and nearly 3,200 employees in 25 countries around the world, we are the Everywhere Workplace – it's a great time to work for Ivanti!

 

The Team

Ivanti’s Information Security is a global team of experienced professionals dedicated to ensuring the security of Ivanti’s products, corporate and production networks, and environments, and of course, its data. Ivanti’s innovated solutions are used by customers in every industry and every part of the world. To stay ahead of potential threats, Information Security has a strong partnership with all parts of the business, providing proactive solutions that are deeply integrated throughout the organization and our products.

 

Our Culture:

Teamwork is intrinsic to what we do and who we are. We are accountable to each other – and support one another. We provide opportunities to grow, learn, add value and thrive while working to achieve new levels of performance. We value integrity, dignity, and respect, and place importance on demonstrating appreciation through both action and words.

The technology world is battling cyberterrorism. We wake up every day with a commitment to enable, prepare, and protect our customers so they can drive their own business success.

When our customers, our governments, and our people are protected from threats – We WIN! We start with the end goal in mind – for our customers, employees, partners and investors.

With performance-driven attitudes – our victory is reaching target outcomes.

 

Why We Need You!

As part of the Compliance and Audit team, you will lead the execution of multiple functions and support daily activities of the program, included but not limited to: development, implementation, documentation/maintenance of policies and procedures, monitoring program compliance, investigation and tracking of incidents and breaches and insuring compliance with federal laws.

 

Critical priorities include:

· Serve as the primary lead and point of contact in the evaluation and certification process of information technology products and systems.

· Evaluate the product/system against the specified evaluation assurance level (EAL) to determine if the security requirements have been met.

· Assess product/system’s security features, design, implementation, and documentation. Perform hands-on testing.

· Develop a comprehensive audit plan; defining the scope of the evaluation, identifying security requirements, and determining EAL to be achieved.

· Interact with product developers and stakeholders to communicate audit progress, findings, and any necessary corrective actions.

 

The primary focus of this position in Information Security is to work with internal stakeholders and product engineering teams to drive adherence of audit requirements and the ongoing improvements within the Common Criteria program.

 

To Be Successful in The Role, You Should Be Able to:

· Evaluate the product/system against the specified evaluation assurance level (EAL) to determine if the security requirements have been met.

· Assess product/system’s security features, design, implementation, and documentation. Perform hands-on testing.

· Develop a comprehensive audit plan; defining the scope of the evaluation, identifying security requirements, and determining EAL to be achieved.

· Interact with product developers and stakeholders to communicate audit progress, findings, and any necessary corrective actions.

 

You Can Leverage Your Expertise to:

· Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

· Work independently and have the ability to prioritize conflicting demands from multiple business clients in an extremely fast-paced environment

 

You Should be Knowledgeable In:

· Thorough understanding of the Common Criteria (ISO/IEC 15408), FIPS, and other Federal certifications and its evaluation methodologies

· Familiarity with Common Evaluation Methodology (CEM) and associated documentation (Protection Profiles, Security Targets, etc.)

· In-depth knowledge of IT systems: hardware, software, and networks

· Understanding of system architectures, components, and interactions

· Analyzing technical specifications, designs, and system documentation

 

Other Qualifications:

· Previous professional experience in a similar role with a focus on Common Criteria audits

· Experience with communicating effectively and efficiently across diverse teams, through verbal and written exchanges

· Industry certification preferred (CISSP, CISM, or Common Criteria certification, CISA)

 

At Ivanti, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Ivanti believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.  

If you require special assistance for the best interview experience, please contact us at recruiting@ivanti.com. 

#LI-Remote
#LI-AA1