This job is closed

The Judge Group - Englewood, CO

posted 2 months ago

Full-time - Manager
Onsite - Englewood, CO
Administrative and Support Services

About the position

The Manager, Security and Compliance will oversee security and compliance for a SaaS Online Booking Tool (OBT) focused on business travel. This role involves developing a multiyear roadmap, managing execution, and leading various security initiatives, including SOC 2 Type 2 and PCI-DSS attestations. The ideal candidate will have hands-on experience in security management, stakeholder engagement, and a strong understanding of business risk appetite.

Responsibilities

  • Oversee Security and Compliance for the SaaS Online Booking Tool.
  • Develop a multiyear roadmap and manage execution against it.
  • Lead security for a business unit or division within a larger enterprise.
  • Engage stakeholders to gain support for security initiatives.
  • Develop and maintain strategy for SOC 2 Type 2 and PCI-DSS attestations.
  • Work with audit support contractors to plan and execute audits.
  • Maintain the business's data privacy program in collaboration with the Chief Privacy Officer.
  • Lead product security efforts and develop product security/SDLC strategy.
  • Lead vulnerability management program and evaluate vulnerabilities in a Linux environment.
  • Lead Incident Response process in collaboration with the NOC team.
  • Lead Third-Party Risk Management program and vendor assessments for SOC 2 and PCI.
  • Engage customer security teams and respond to RFPs.

Requirements

  • Hands-on experience leading PCI/SOC 2 compliance.
  • Experience with customer engagements, RFPs, or security questionnaires.
  • Technical experience with tools in the security ecosystem.
  • Experience managing and working with teams across multiple time zones.
  • Understanding of business risk appetite and tolerance.
  • Experience with PCI-DSS as a Service Provider.
  • Experience with SOC 2 Type 2 audits.
  • Experience with GDPR, CCPA/CPRA compliance.

Nice-to-haves

  • Experience leading PCI/SOC 2 for larger organizations and banks.
  • Travel industry experience.
  • SaaS experience.
  • Experience with Fortify On-Demand and Nexus IQ.
  • Experience with container security management.
  • Experience with industry-standard vulnerability tools.
  • Experience with Splunk and CrowdStrike.

Benefits

  • Remote work flexibility
  • Professional development opportunities
  • Health insurance coverage
  • 401k retirement plan