United States onlyProwess Consulting is a consulting firm that specializes in helping the largest enterprises in the technology industry define, manage, benchmark, and market their solutions and services. We take great pride in investing the time and effort to gain a deep understanding of our clients’ technologies, their customers, and the stories and strategies they need to tell to be successful in the market. Our team of technology and marketing experts is immersed in the technology trends that affect our clients’ businesses, so we can add value at every stage of engagement to help them succeed.
Who You Are
As a security compliance manager, you will play a pivotal role in driving the development and compliance of key features for our client’s products. You will work closely with cross-functional teams to ensure that all features meet the necessary security and compliance standards and are ready for both preview and external product releases. Your responsibilities will include coordinating with the software engineering feature teams and compliance teams, as well as managing compliance assessments and addressing any compliance-related issues.
To be considered for this role, you must reside in one of the following states: Alabama, Arizona, California, Colorado, Connecticut, Georgia, Illinois, Iowa, Michigan, Minnesota, Mississippi, Missouri, New Jersey, New York, North Carolina, Oregon, Pennsylvania, South Carolina, Texas, Utah, Virginia, or Washington.
This is a three (3) month, full-time role that can be worked remotely, however, collaboration with teammates centered in the Pacific time zone will be essential. No third-party agencies, please.
THE ROLE
Drive end to end execution of security assessments that include:
- Creating assessment questionnaires
- Conduct kickoffs, review assessment responses, and identify risks/control gaps from a risk management perspective
- Perform risk scoring exercise and maintain risks in the risk register
- Track implementation (and adherence) of security requirements across engineering groups/teams
- Collaborate with partner teams to build continuous monitoring capabilities/reports for security requirements
- Validate compliance to security requirements and drive compliance sign off process for upcoming releases
- Coordinate with partner teams on security scope and finalize implementation requirements
- Support strategy and roadmap development for existing and emerging cybersecurity certification and/or regulatory requirements for internal/external audit needs
- Support risk management process enhancements
- Support the development and ongoing maintenance of Standard Operating Procedures (SOPs)
- Work with assigned groups to ensure security compliance
- Create and maintain risk dashboards using Power BI or similar tools and report to leadership
- Socialize risks/control gaps with service owners
- Support certification and audit preparation efforts for internal and external regulatory requirements.
- Drive execution of Security Compliance frameworks (NIST, SDLC, etc.)
- 3-4+ years of Program Management experience necessary
- Strong interpersonal and written communication skills
- Demonstrated ability to own and drive programs and initiatives by working through ambiguity with a large amount of flexibility
- Familiarity with cybersecurity, risk management and audit best practices required
- Strong understanding of security and supply chain concepts, standards, and control frameworks
- Strong understanding of regulatory frameworks, such as NIST, ISO and CIS, and the ability to interpret requirements into actionable workstreams
- Working experience with Cyber EO and/or Cyber Resilience Act (CRA) is strongly desired
- Good track record of working collaboratively and effectively with senior leaders and teams across organizational boundaries
- Experience influencing others without authority
- Experiences building PowerBI dashboards or producing dashboard specifications
- Experience using a variety of tools to manage compliance such as S360, ADO are desired
- Must have stellar organizational skills and be able to work well with multiple technical groups and stakeholders in multiple areas
- The offered base pay range for this specific position is $95,000 - 105,000 per year, DOE
- Base Pay ranges are different for different work locations within the U.S., which allows for competitive pay and consistency
