Description

Lead information security risk management, compliance auditing, and technical security implementations for our Phoenix-based team.

Responsibilities

  • Conduct regular security risk assessments and maintain the company risk register.
  • Draft, review, and update security and GRC-related policies and procedures.
  • Execute incident response planning, analyze breaches, and coordinate corrective actions.
  • Manage internal and external compliance audits, including evidence collection and remediation.
  • Evaluate, implement, and manage security tools and solutions in line with architecture.

Required Skills

  • 5+ years of experience in information security and GRC roles.
  • Hands-on experience managing compliance audits for NIST, CIS, PCI, HITECH, ISO 27001/2, SOC1, or SOC2.
  • Proficiency with cloud platforms including AWS, GCP, and Azure.
  • Technical experience with SIEM, IDS/IPS, firewalls, CSPM, and SSPM.
  • Deep knowledge of risk management, threat analysis, and vulnerability monitoring.
  • Ability to translate global and regional regulations into internal policies.
  • Bachelor's degree in Information Technology, Computer Science, or a related field.

Preferred Skills

  • Relevant certifications such as CISSP, CISA, CRISC, or CISM.

Education

Bachelor's Degree