Natick, MA, US
27 days ago
Senior Security Compliance Auditor - Infrastructure
Senior Security Compliance Auditor - Infrastructure Job Summary

Apply Now

Job: 34213-RKUL Location: US-MA-Natick Department: Software Process Engineering

Are you passionate about cybersecurity compliance and software auditing? Are you interested in driving adoption of standards and practices to improve infrastructure security? If yes, we’d love to talk to you.

Our internal Quality Assurance function is looking for a detail-oriented and enthusiastic Senior Infrastructure Security QA Engineer to drive audit efforts within MathWorks to improve compliance to industry standards for infrastructure security. In this role, you will work with various stakeholders to govern policies and procedures, improve infrastructure security controls through periodic internal auditing.

Responsibilities Develop and execute internal audit plans to periodically assess compliance to industry frameworks for infrastructure security, maintain system security plans, and track remediation. Enable management oversight through periodic internal audit reporting to teams and senior stakeholders. Make practical recommendations to improve security practices and increase the strength of the overall control environment. Work with cross-functional teams to ensure audit-readiness and drive external audits with certification authorities. Drive adoption of security standards by actively engaging with key stakeholders and process owners. Support the lifecycle of policies and standards to meet cybersecurity regulatory requirements and to enhance cybersecurity resilience. Support risk assessments to enable deployment of security controls and ensure compliance with corporate cybersecurity policies and applicable local and international regulations and standards. Contribute to projects supporting enterprise initiatives, new system implementations, and business process changes to provide proactive risk and control guidance to business partners.

 

Minimum Qualifications A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required. Candidates for this position must be authorized to work in the United States on a full-time basis for any employer without restriction. Visa sponsorship will not be provided for this position. Additional Qualifications Strong knowledge of software development processes, on-prem and cloud-based infrastructure, cybersecurity, network security, risk management, application security, and third-party management. Demonstrated knowledge of IT audit methodologies and control frameworks of IT platforms, cyber security processes, systems, and controls. Experience with / solid understanding of SOC 2, COBIT, ITIL, ISO, IT General Controls (ITGC), NIST 800-171, NIST 800-53, ISO 27001/2, NIST SSDF, and/or other industry standard control frameworks to document and assess Cybersecurity compliance. Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation. Strong teamwork skills with a demonstrated ability to collaborate across teams and roles.
Confirm your E-mail: Send Email