Technical Compliance Manager

3 days ago

Apply Now

Receive Emails with Similar Jobs

solo.io

WebsiteLinkedInAll Job Openings

service mesh • kubernetes • cloud native • envoy proxy • API Gateway

51 - 200

Description

• The Infosec and Compliance Engineer plays a pivotal role securing Solo’s infrastructure, data and software. • This person is responsible for helping Solo.io define, establish and manage our corporate security strategy. • This is a hands-on role helping Solo build and define the security compliance mechanisms for our products and services. • It involves working with all departments at Solo.io to identify areas relevant to each department for compliance purposes, providing expert guidance. • In addition, this person will help implement and document applicable policies and processes. • The fractional CISO will work directly with auditors leading our security compliance. • This resource may also work with our customers and prospects to understand security requirements, respond to security related inquiries and help Solo establish security commitments between both parties. • The ideal candidate will have hands-on security compliance experience in a cloud native environment, as well as excellent customer facing and technical documentation skills. • Areas of Responsibility include leading audits, establishing corporate strategy, and maintaining compliance management.

Requirements

• 3+ years of InfoSec and security compliance expertise with successful track record of obtaining SOC2 and ISO-27001 compliance • 2+ years of SOC analyst or security compliance management experience in a cloud native environment • 2+ years of Customer Service or other customer facing experience • 2+ Years of Prior SW development or DevOps experience • 2+ years of SaaS and Cloud technical hands on experience • 2+ years working with agile methodologies • Highly desirable: 2+ years of Kubernetes hands on experience • A passion about solving clients’ security challenges • Well-developed technical writing skills • Knowledge of security operations tools, systems, and practices (SIEM, WAF, vulnerability scanning, penetration testing, system hardening, MFA, SSO, etc.) • Familiar with core networking concepts, protocols, and common services • Understanding of encryption concepts and SSL/TLS certificates • General scripting or coding experience • Cybersecurity certifications (SSCP, CompTIA Security+, etc.) • Experience with any security frameworks (NIST CSF, CIS, COBIT, etc.) • A degree in Cybersecurity or a related field.