fico
Cyber Security GRC Lead Engineer (PCI DSS, SOC 2, ISO 27000, NIST, TPRM) (Shorter notice period)
Job Description
The Opportunity:
“FICO is seeking an Application Security Engineer to join our growing Information Security Office. This is a full-time regular position, and a great opportunity for an individual with strong web development skills or great interest in security that would like to move into the exciting field of application security.” – Hiring Manager.
Job Responsibilities:
- Conduct both internal and external audits to ensure compliance with all industry-mandated regulations.
- Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
- Monitor activities of assigned IT areas to ensure compliance with internal policies and standards.
- Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance.
- Provide guidance to business functions on compliance/security-related matters.
- Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
Qualifications:
- Bachelor’s degree in Information Security, Computer Science, or a highly related program.
- Proven experience in security, compliance, or highly related roles.
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Understanding of and experience with ISO 27001, PCI DSS, SOC 2, and CSA STAR.
- Experience or understanding of governance, risk and compliance (GRC) processes and solutions.
- Experience in information security and auditing.
- Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC.
- Background in security controls, auditing, network and system security.
- Ability to express technical concepts in business terms.
- Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
- Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.
Our Offer to You:
- An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
- The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
- Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
- An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.