**Company:** Qualcomm Semiconductor Limited **Job Area:** Information Technology Group, Information Technology Group > IT Engineering **General Summary:** The Information Security & Risk Management organization is looking for a strong team player with industry experience in cyber security risk management, assessments, and audit compliance. The role will play a key part in the supply chain security assurance through onsite and remote assessments as well as performing internal security reviews. The ideal candidate: + Will have in-depth experience in an audit function, including standardized audit methodologies such as those associated with SOX, ISO 27001, or as dictated by the Certified Information Systems Auditor (CISA) methodologies + Background and experience with performing general security assessments and reviews + Will have a professional demeanor and have experience presenting to executive leadership, customers, and partners + Will have a demonstrable track record for leveraging standard risk assessment frameworks and standardized methodologies for assessing third parties who are critical to the company product supply chain + Exceptional communications skills desired + Will have a track record of flexibility and versatility to adapt to the ever-changing threat environment and business drivers that influence the projects and priorities of ISRM + Can manage complex programs or projects on a global scale with little to no direction. + Drive propagation of security improvements through engineering and enterprise environments, including hands-on technical work as needed. Skills/Experience + Experience in performing security audits against key suppliers and third parties + Performed risk assessments and security architecture reviews + Help drive security actions to closure on key projects and programs + Excellent cross functional relationship building skills + Five years of hands on information security experience in a large-sized enterprise IT environment with thorough understanding of risk assessment and audit standards such as ISO 27001, COBIT, and NIST Cybersecurity Framework + Support other information security and risk management activities, goals and objectives as requested. + Other preferred skills include: + Experience in understanding regional regulations such as the China Cyber Security Law + Ability to document, enhance, and create compliance metrics and Key Performance Indicators Responsibilities + Maintains security by monitoring and ensuring compliance to security and contractual obligations of suppliers + Enhancing the supply chain security program through alignment with risk management frameworks + Prepares system security reports by collecting, analyzing, and summarizing risk trends + Must be familiar with gathering system requirements, performing independent analysis and taking actions to execute on a plan. Educational Requirements Required: Bachelor's, Computer Engineering and/or Computer Science and/or Electrical Engineering and/or Information Technology Desired Certifications: CISSP, CISM, CISA, CRISC **Minimum Qualifications:** • 4+ years of IT-related work experience with a Bachelor's degree. OR 7+ years of IT-related work experience without a Bachelor’s degree. Physical Requirements: • Frequently transports and installs equipment up to 20 lbs. Keywords Cyber Security, Supply Chain Security, Third Party Risk Management, Information Security, Compliance, Audit **Applicants** : Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here (https://qualcomm.service-now.com/hrpublic?id=hr\_public\_article\_view&sysparm\_article=KB0039028) . Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. **To all Staffing and Recruiting Agencies** : Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers (http://www.qualcomm.com/contact/corporate) . EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification