This position acts as a liaison between business application owners and the greater information security team, fostering trust and engagement. They ensure that Zoox’s information security policies, standards, and processes are followed, and where necessary work through exceptions and compensating controls to enable the business securely. The successful candidate for this role will have experience in one or more of the following areas: information security governance, analyzing and maintaining policy and standards, risk management, compliance, security architecture, and internal security consultation.
Responsibilities
Act as a security consultant on company initiatives to ensure security design is included throughout the company initiatives.
Perform security assessments utilizing industry-standard security control frameworks.
Coordinate and collaborate with cross-functional teams, IT teams as required to help identify and protect sensitive data.
Perform a key role in establishing and strengthening an information security governance implementation to:
Improve the quality and protection of sensitive data
Respond to regulatory protection requirements
Become the liaison between multiple groups and stakeholders involved in the cybersecurity security program
Ability to develop constructing working relationships and manage challenging situations
Qualifications
Bachelor’s Degree in computer science or job-related discipline or equivalent experience
5+ years of security consulting, architecture, or GRC experience
5+ years of security assessment/analysis
5 years of experience in a medium to large-sized IT Organization
Understanding of in industry best practices (ISO, NIST, CIS, etc.) and regulatory requirements
Understanding of threat prevention, identification, and mitigation technologies
Understanding and working experience of the cybersecurity kill-chain
Experience with programming skills (python or similar)