Our Client established in 2014, is a Hot fasttrack fintech company, that offers an enterprise SaaS platform deployed on AWS.
The solution automates the entire home loan lending process.
They can be referred to as a B2B B2C White label company and headquartered in San Francisco, CA Our Client is transforming the mortgage industry with an innovative and integrated platform that s streamlining the entire digital lending experience.
They believe that home lending should be a fair, fast, and transparent experience.
Their software is used by banks across the country to improve lending experiences every day.
They are a team of innovative thinkers on a mission to reinvent the lending experiences so people can accelerate their future.
As a Security Compliance Manager, your mission will be to ensure that their environment and customer data remains secure.
This is a hybrid role in that you will use your strong expertise to proactively test various security controls in their cloud infrastructure and monitorrespond to security threats from various sources.
You will also ensure all internal and external stakeholders including employees, customers and partners are well informed on our security policies and practices.
RESPONSIBILITIES Gather and analyze information security requirements from various sources including, but not limited to from ISO, SOC, NIST, GDPR, GLBA, Customer.
Or 3rd party audits.
Define and manage internal security policies, processes, and standards Advise on information security controls based on the identified security requirements and defined security policy and standard Monitor, test and enforce the effectiveness of those security controls against defined security policy and processes Perform audit to ensure the security controls are being followed as defined Assist customer and 3rd party audit on security-related areas Enforce and drive remediation on any identified deviations or control gaps either generated by internal audit, customer audit or 3rd party audit Collect metrics to measure the effectiveness of the security controls Manage information security risk acceptance, exceptions, and deviations Increase employee security awareness via training and exercises such as phishing attack simulation Assist supplier security assessment Engage with information security marketing and sales activities Provide security-related marketing materials Review and respond on customer security inquires via questionnaire, etc.
Advise on contractual security requirements negotiation Present to customers on information security programs at Roostify SKILLS EXPERIENCE 3 years of experience with security compliance including delivering security training 3 years of experience with AWS technologies and recommended security best practices Excellent written and verbal communication able to explain concepts to both technical and non-technical audiences Excellent project and program management skills Ability to prioritize multiple requests between security projects and greater business needs