Senior Security and Compliance Engineer

September 28

Apply Now

Receive Emails with Similar Jobs

Match Group

WebsiteLinkedInAll Job Openings

1001 - 5000

Description

• Develop third-party security review program and collaborate with stakeholders to implement program improvements. • Work with the Legal Operations and Vendor Management stakeholders to support continuous improvement of the entire vendor lifecycle. • Work closely with the business to identify, assess, and document third party relationships, including the regular review of vendors and critical outsourcing arrangements. • Collaborate to devise an integrated strategy and deliverables for the company’s third-party risk roadmap. • Own the implementation of robust third-party controls and monitor arrangements on an ongoing basis. • Develop and maintain internal security policies, procedures, guidelines, and best practices and communicate those to stakeholders. • Work across all brands to address the latest challenges and ensure systems and users are secure. • Coordinate controls testing and compliance obligations for a decentralized environment to support corporate security. • Assess security risk for large scale organizations, including assessing and designing internal controls utilizing experience in cloud services organizations. • Perform recurring internal security audits to improve the company’s overall security posture. • Identify and assess Information Technology (IT) risks and recommend mitigating controls utilizing security knowledge across common industry security standards and experience with data security frameworks and regulatory standards. • Participate in the development and oversight of required corrective action plans relating to security and compliance issues. • Domestic travel required up to 10% of the time. • Position allows telecommuting from anywhere in the U.S.

Requirements

• Bachelor’s degree or U.S. equivalent in Computer Science, Network and Computer Security, Information Technology, or a related field plus 5 years of professional experience as Security Engineer, Security Compliance Analyst, or any occupation/position/job title involving IT security risk and compliance. • In lieu of a Bachelor’s degree plus 5 years of experience, the employer will accept a Master’s degree or U.S. equivalent in Computer Science, Network and Computer Security, Information Technology, or a related field plus 3 years of professional experience as Security Engineer, Security Compliance Analyst, or any occupation/position/job title involving IT security risk and compliance. • 2 years of professional experience developing IT security risk and compliance guidelines and policies to support compliance programs in the technology industry. • 2 years of professional experience working with third-party industry frameworks (including VASQ, SIG, or CSA). • 2 years of professional experience utilizing security frameworks (including SOC 2, PCI-DSS, or ISO27001). • 2 years of professional experience with regulations governing outsourcing in technology data services, including personal information and privacy requirements. • 2 years of professional experience performing operational and technology risk management.