Description

Responsibilities

Primary Responsibilities:

• Responding to Due Diligence Requests from customers and/or prospects both manually and via the ClearOPS Answer Management System
• Responding to RFP Requests from prospects both manually and via the ClearOPS Answer Management System
• Participation in customer or prospect discussions on information security related topics
• Development of artifacts in support of ISO 27001 and SOC2 audit fieldwork
• Regular monitoring of the MCO Rapid7 IDR SIEM solution
• Secondary Responsibilities:
• Internal audits and control reviews in support of the MCO ISO 27001 ISMS based upon the audit plan developed by the IT Security Manager
• Member of the IT Security team working with other Technology departments including Architecture, Operations, and Engineering
• Work with security tools including (but not limited to) Static Code Analysis, Vulnerability Management, Penetration Testing, etc.
• Other duties and responsibilities as assigned.

Experience and Skills

Experience with the following will be beneficial.

Essential Skills:

• Excellent soft skills to effectively communicate with all levels in both MCO and our customers.
• Excellent analytical, critical thinking, and problem-solving skills
• Excellent verbal and written communication skills
• Preferred Skills:
• IT Audit Experience with either ISO 27001 or SOC2 as a participant or SME (Subject Matter Expert)
• Security Certifications (or willingness to obtain) including Security+, CC, SSCP, CISM, CISA, CCSP
• A working knowledge of SaaS vendors
• A working knowledge of the software development lifecycle (SDLC) for SaaS applications
• Knowledge of data protection legislation (GDPR, CCPA, etc.)
• Strong technical skills (e.g. Office365, Linux, Palo Alto firewalls, Oracle databases, etc.)