Lead information security risk management, compliance auditing, and technical security implementations for our Phoenix-based team.
Responsibilities
- Conduct regular security risk assessments and maintain the company risk register.
- Draft, review, and update security and GRC-related policies and procedures.
- Execute incident response planning, analyze breaches, and coordinate corrective actions.
- Manage internal and external compliance audits, including evidence collection and remediation.
- Evaluate, implement, and manage security tools and solutions in line with architecture.
Required Skills
- 5+ years of experience in information security and GRC roles.
- Hands-on experience managing compliance audits for NIST, CIS, PCI, HITECH, ISO 27001/2, SOC1, or SOC2.
- Proficiency with cloud platforms including AWS, GCP, and Azure.
- Technical experience with SIEM, IDS/IPS, firewalls, CSPM, and SSPM.
- Deep knowledge of risk management, threat analysis, and vulnerability monitoring.
- Ability to translate global and regional regulations into internal policies.
- Bachelor's degree in Information Technology, Computer Science, or a related field.
Preferred Skills
- Relevant certifications such as CISSP, CISA, CRISC, or CISM.