Security Compliance Engineer

Short company description

Euro-Testing Software Solutions is a privately-owned software company specialized in Full-Service Software Testing, Penetration Testing, Vulnerability Identification & Management, Application and Data Security, Static & Dynamic Code Analysis as well as, DevOps/DevSecOps, Robotic Process Automation, Implementation and Customization for Atlassian and Micro Focus (HPE) products.

Requirements

• Written and spoken English
• Other widely spoken European languages - written and spoken
• Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols
• Applicable information security management, governance, and compliance principles, practices, laws, rules and regulations
• Incident response management
• Maintaining confidentiality
• Troubleshooting and operating a computer and various software packages
• Defining problems, collecting and analyzing data, establishing facts and drawing valid conclusions
• Preferably higher technical studies (e.g.: Electronics and Telecommunications, Automation and Computers, Informatics, etc.)
• Experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management.
• Solid technical background with understanding and/or hands-on experience in cloud and hosted environments and IT infrastructure technologies.

Responsibilities

• Implements security controls that align to regulatory requirements, ensuring documented and sustainable compliance that aligns with the company’s objectives.
• Improves the company’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities
• Implements processes, such as VMP (Vulnerability Management Process), to automate and continuously monitor vulnerabilities, solving actions, mitigation actions and risks. Develops reporting metrics and dashboards.
• Schedules regular assessments of controls and creates reports.
• Runs security controls and provides support to all stakeholders on security controls covering internal assets.
• Assess incidents, vulnerability management, scans, patching status, Cyber Security Baselines.
• Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
• Performs other related duties as assigned.
• Achieves Network and IT-like assets security compliance by executing compliance programs and completing documentation.
• Prevents compliance issues by collaborating with engineering and security teams, reviewing data, and running compliance policies.
• Prepares compliance reports by collecting, analyzing, and summarizing measurement data and trends.
• Attains compliance by isolating and resolving compliance issues, recommending product and process changes.

Other info

The Security Compliance Engineer updates and maintains control matrices and spreadsheets and provides recommendations for management’s consideration. This position ensures compliance with the company’s internal controls, regulatory and information security policies and procedures. Security Compliance Engineer works with internal audit, external audit firms to provide supportive documentation as applicable. Security Compliance Engineer takes a lead role in ensuring the security of all protected information collected, used, maintained, or released by the company.