Cybersecurity Compliance Lead

hace 12 horas


San José, Costa Rica Ex2 Outcoding A tiempo completo

The Governance, Risk, and Compliance (GRC) team handles a wide range of cross-functional activities, from security compliance certifications and audits, to risk management, inbound and outbound due diligence, security awareness, policy and procedures, and more.
Each of these ongoing parallel activities entails interpreting and setting requirements, assessing the effectiveness of security controls, risk-based decision making, cross-functional collaboration and communication, and staying up-to-date on security best practices and how changes in the evolving threat landscape need to inform our strategy.
The Cybersecurity Compliance Lead is a hands-on and high energy program leader who can operate independently in achieving our team objectives.
The team's primary objective is to assist in overseeing the Security Compliance program enterprise wide.
**Responsibilities**
- Assess effectiveness, scalability and reliability of security controls and automate assessments in enterprise or cloud environments
- Monitor and ensure compliance with new regulatory requirements, information system security policy and procedures
- Manage security compliance programs and examinations while working to standardize and optimize controls and procedures across SoFi
- Define and execute existing or new compliance initiatives (SOC1, SOC2, ISO27001, PCI, FedRamp)
- Assess and track compliance with regulatory and legal requirements relevant to the SoFi business such as GLBA, FINRA, State
- Cybersecurity requirements (i.e., NYDFS, Colorado Security Act etc..) and contractual commitments
- Maintain security diligence programs for investors, partners, and prospective partners.
- Lead the escalation and resolution of risk and compliance issues with appropriate leadership cross functionally
- Metrics driven, understands, develops and delivers meaningful risk-based operational metrics, dashboards and reports to a wide audience demonstrating our current program state and adherence to frameworks and standards

**Minimum qualifications**
- BS degree in Computer Information Systems or related field
- 7+ years of experience with security-related regulatory compliance for financial services
- Strong leadership skills
- Experience managing PCI DSS, ISO 27001, SSAE18, or other compliance standards and framework programs
- Strong knowledge of security risk management and running audits/certification programs
- Knowledge of, or experience working with, Cloud technologies/environments, AWS or other related cloud experience
- Self-starter with strong interpersonal and communication skills
- Demonstrate ability to assimilate new knowledge quickly
- Comfortable working in a fast-paced, dynamic environment

**Preferred qualifications**
- Big 4, or management/IT consulting experience
- Relevant certification (e.g., CISA, CISSP) or equivalent expertise
- Have a detailed knowledge of NIST
800-53/800-37
, CNSSI 1253, SOC1, SOC 2, PCI, or ISO 27001 standards and understanding of evaluating the design and effectiveness of IT controls working directly with auditors for these types of assessments
- Ability to review technical reports and provide risk mitigation solutions from activities such as Penetration Testing, Vulnerability
- Understanding of AWS cloud computing services/deployment architecture (IaaS, PaaS, SaaS) through experience in operating them or obtaining certifications
- Location

San José, San Jose
- Department

Recruiting
- Employment Type

Full-Time
- Minimum Experience

Manager/Supervisor
- Compensation

USD $



  • San José, San José, Costa Rica Atomic Hr A tiempo completo

    We're a remote-first team at Atomic Hr, connecting talented tech professionals with innovative startups worldwide.The Cybersecurity Compliance Solutions Expert will focus on renewing our client's SOC 2 certification and managing HIPAA compliance processes.Key Responsibilities:Lead the preparation and execution of the SOC 2 audit renewal processConduct a...


  • San José, San José, Costa Rica Atomic Hr A tiempo completo

    We are seeking a highly skilled Cybersecurity Compliance Consultant to join our team at Atomic HR. As a trusted partner in the industry, we help talented tech professionals find remote career opportunities at innovative startups worldwide.Company OverviewThe client is a venture-backed startup simplifying access to essential benefits for frontline workers....


  • San José, San José, Costa Rica Pfizer A tiempo completo

    Role Overview- At Pfizer, we strive to make compliance simple and develop logical, robust, and cost-effective compliant processes and services.The Associate Risk Management Exception Management role is responsible for evaluating risk exceptions against agreed criteria, documenting them properly, and executing them upon.They will partner closely with Pfizer...


  • San José, Costa Rica Atomic Hr A tiempo completo

    We connect talented tech professionals in Latin America and Canada with remote career opportunities at innovative startups worldwide.We specialize in finding roles that align with your skills, experience, and career goals.Our personalized approach ensures you're matched with companies that value your contributions and offer opportunities for growth.Whether...


  • San José, Costa Rica Atomic Hr A tiempo completo

    We connect talented tech professionals in Latin America and Canada with remote career opportunities at innovative startups worldwide.We specialize in finding roles that align with your skills, experience, and career goals.Our personalized approach ensures you're matched with companies that value your contributions and offer opportunities for growth.Whether...


  • San José, San José, Costa Rica Palo Alto Networks A tiempo completo

    Improve Cybersecurity Quality at Palo Alto NetworksWe are seeking a highly motivated Lead Cybersecurity Quality Assurance Specialist to join our Digital Web QA team. As a key member of this team, you will be responsible for developing and implementing a comprehensive quality strategy that ensures the delivery of high-quality software products.Your...

  • Cybersecurity Engineer I

    hace 12 horas


    San José, Costa Rica Emerson A tiempo completo

    **Duties and Responsibilities**products, solutions and compliance.The major responsibilities of the Cybersecurity Engineer Iinclude providing technical support of Emerson PWS cybersecurity solutions to customers andinternal Emerson PWS engineers; as well as, effectively diagnosing and resolving Ovationproduct related issues, as necessary.Therefore, in...

  • Cybersecurity Expert

    hace 1 semana


    San Francisco, Heredia, Costa Rica Ibm A tiempo completo

    About the RoleWe are seeking a highly skilled Cybersecurity Expert to lead our operational excellence efforts. This is an exciting opportunity for a motivated individual to join our team and drive business growth through innovative security solutions.ResponsibilitiesProvide strategic leadership and oversight to ensure seamless operational execution of...


  • San Francisco, Heredia, Costa Rica Sysco Costa Rica A tiempo completo

    The Chief Cybersecurity Risk Manager plays a pivotal role in Sysco Costa Rica, overseeing the implementation of robust cybersecurity measures across the organization.Key Responsibilities:Direct and manage regional Security Leads to ensure effective risk management and mitigation strategies are in place.- Translate policy directives from the Cybersecurity...


  • San José, Costa Rica Ynv Group A tiempo completo

    Overview:Tek is seeking a highly skilled and experienced Cybersecurity Architect and GRC Manager with expertise in Governance, Risk, and Compliance (GRC) to join our dynamic team.The role revolves around offering expert guidance and support in cybersecurity architecture and Governance, Risk, and Compliance (GRC) as a service tailored to meet the unique needs...


  • San José, San José, Costa Rica Equifax A tiempo completo

    About the Role:We are seeking a highly skilled Cybersecurity Operations Lead to join our team at Equifax. In this role, you will have the opportunity to lead and support SOC analysts, assisting in complex investigations and providing regular training.Key Responsibilities:Work closely with other SOC shift leads to oversee daily operations and assist with...


  • San Francisco, Heredia, Costa Rica Ibm A tiempo completo

    About IBM CloudDigitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect.Cybersecurity Project Manager RoleWe are working to...


  • San José, San José, Costa Rica Splunk A tiempo completo

    About SplunkSplunk is a leading software company that provides solutions for machine data analytics. We're committed to delivering exceptional customer experiences and fostering a culture of innovation, collaboration, and fun.The Role: Security Sustainability LeadWe're seeking an experienced cybersecurity leader to join our team as a Security Sustainability...

  • Cybersecurity Engineer

    hace 5 días


    San José, Costa Rica Moody's Investors Service A tiempo completo

    The Cybersecurity team is globally responsible for helping the organization balance risk by aligning policies and procedures with Moody’s business and regulatory requirements. The team is responsible for the development, enforcement and monitoring of security controls, policies and procedures, disaster recovery programs, GRC (Governance, Risk and...


  • San Francisco, Heredia, Costa Rica Experian A tiempo completo

    At Experian, we are redefining the way our clients do business within all aspects of the customer credit lifecycle. Fueled by best-in-class data and innovative technology, we help businesses make smarter decisions, identify consumers, and collect payments. As a Senior Security Control Assessor, you will play a key role in ensuring the effectiveness of our...


  • San José, San José, Costa Rica Vs-Staffing A tiempo completo

    Job OverviewAt Vs-Staffing, we're seeking an experienced Cybersecurity Specialist to join our team. As a key member of our incident response team, you'll play a crucial role in ensuring the security and reliability of our systems.About the RoleWe're looking for someone with at least 3-5 years of experience in cybersecurity, with a strong focus on incident...


  • San Francisco, Heredia, Costa Rica Stryker A tiempo completo

    At Stryker, we're driven to make healthcare better. We're seeking a skilled Sr. Lead Risk Analyst, Cyberrisk Management to join our team.About the RoleThis is an exciting opportunity for a seasoned professional to lead risk management initiatives and drive cybersecurity assessment processes. You will be responsible for ensuring compliance with Stryker's...


  • San José, San José, Costa Rica Vs-Staffing A tiempo completo

    Job SummaryVs-Staffing is seeking a seasoned Sr. Site Reliability Engineer to join our team. The ideal candidate will have a minimum of 5-7 years of experience in site reliability engineering, including leadership roles or substantial project management experience.About the Role:Leadership and Mentorship: Direct and mentor junior SREs, fostering a culture of...


  • San Francisco, Heredia, Costa Rica Boston Scientific Corporation A tiempo completo

    At Boston Scientific Corporation, we recognize the importance of a diverse and inclusive workplace in driving innovation. As a global leader in medical devices, we strive to create a better work environment that reflects the needs of our employees and the patients we serve.About the RoleThis is an exciting opportunity to join our team as a Cybersecurity...


  • San José, San José, Costa Rica L. L. Bean A tiempo completo

    We are seeking a highly skilled Cybersecurity Analyst to contribute to our team's service delivery.About the RoleThe successful candidate will perform vulnerability assessment, scanning, and penetration testing of internal and external systems. They will also be responsible for managing attack surface tools and providing analysis of findings to project...