Senior Security Engineer
- Full-Time
- Alpharetta, GA
- OpenText
- Posted 2 years ago – Accepting applications
Zix | AppRiver is now an OpenText company! As a trusted leader in productivity, email security and compliance solutions for businesses of all sizes, we continue to help guide our customers through challenging cyber risks to ultimately find even greater opportunities. While we're passionate about helping our customers succeed in the business world, we're also looking to expand our growing workforce in order to better help our customers scale.
The Opportunity:
Locations: Alpharetta, GA, Tampa, FL, Tinton Falls, NJ, Austin, TX, Dallas, TX, Gaithersburg, MD, Lexington, KY
The trusted leader in productivity, email security and compliance solutions for businesses of all sizes, Zix | AppRiver continues to grow by helping guide our customers through challenging cyber risks to ultimately find even greater opportunities. While we're passionate about helping our customers succeed in the business world, we're also looking to expand our growing workforce in order to better help our customers scale.
Zix | AppRiver is looking for a Senior Security Engineer to join our team. The Senior Security Engineer will have the opportunity to meaningfully contribute to the Zix | AppRiver Compliance Program in accordance with ISO 27001, PCI-DSS, SOC1/2, HIPAA, SOC2+HITRUST and FedRAMP. The Lead, Security Compliance Analyst plays a key role in the continued development and maturity of an ever-growing IT Compliance Program that supports the delivery of compliance certifications to support customer security requirements. In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors, and other stakeholders.
What you will be doing:
- Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
- Tracking audit progress, coordinating improvement efforts, and monitoring process improvement effectiveness of the compliance program.
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the OpenText portfolio.
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Participating in, or potentially leading, gap assessment, compliance readiness, and compliance monitoring activities.
- Developing metrics and dashboards for reporting on assigned compliance programs
What experience and skills we need you to have:
- 6+ years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks
- Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)
- Detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for compliance assessments
- Experience leading preparation for and/or managing assessment activities (ISO 27001, SOC reporting, PCI DSS, HIPAA/HITRUST, etc.) for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery
- Experience with AWS, Azure, and/or GCP is a plus.
- Experience with ISO 27001 or FedRAMP compliance requirements, a plus.
- Experience with GRC Tools is a plus.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment.
- Demonstrated strength in working in a high change environment.
- Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, collaborative, flexible, approachable, and dedicated.
- Required industry-standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent
- Bachelor’s Degree in Information Technology, Business or related vocations.
While OpenText is an Equal Opportunity Employer, our efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
Additionally, OpenText, as a proud US Federal Government contractor, is subject to Executive Order 14042 requiring all US employees (in office or virtual) be fully vaccinated by January 4, 2022. New employees joining OpenText will be required to provide proof of vaccination prior to joining or be approved for a medical or religious exemption. If you believe you qualify for an exemption, you can request the exemption form at accommodationrequests@opentext.com.