Title : Information Security Specialist
The Division :
The Perseus operating group of Constellation Software Inc, is a portfolio of vertical market enterprise software companies.
The Perseus operating group's companies acquire and operate independently managed software companies around the world, providing them with the strategic guidance and financial security they need to become leaders within their respective markets.
The Position :
As Information Security Specialist for the Perseus operating group, you will support the Perseus operating group's central privacy team and certain companies within the Perseus operating group to meet federal, state and agency security requirements by working with Perseus operating group IT, Sales and Support as well as working with specific business units to understand and communicate industry security and compliance related topics.
We are looking for individuals who move fast, can break down and solve complex problems, and have a strong will to get things done.
The successful hire will report to the Perseus operating group's Privacy Officer and will be located in one of our Contour Offices (with a preference for Contour's Karachi office).
Work with the Perseus operating group's Privacy Officer and individual Perseus operating group business units to own and drive Governance, Risk, & Compliance.
Examine technical problems and provide basic engineering and additional support in solving the problems. It is the responsibility of the Information Security Specialist to make sure that all information systems are functional and secure.
Document and implement information security policies and standards (such as NIST, SANS, ISO 27001, PCI-DSS, GDPR, CCPA) specific to certain business units.
Contribute towards the execution of policies, standards and procedures specific set by enterprise standards and industry specific standards as they apply to security governance, risk, and compliance requirements
Perform security risk assessment activities, including third party evaluation and management, and related analysis, including ongoing compliance monitoring in coordination with the Privacy Officer and external team members.
Plan and support the execution of risk mitigation actions established as the result of risk assessments and related analysis
Contribute to the production and improvement of the content, quality, and timing of security governance, risk and compliance analysis and reporting.
Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the privacy, security, or integrity of protected information (PHI, PII, PCI)
Manage external audits and assessments, oversee audit findings and management actions plans. Ensure corrective actions are taken.
Develop project plans, estimations, specifications, flowcharts, and presentations.
Perform tasks as set forth by the Privacy Officer.
Analyze the future needs of customers and the enterprise, and translate these actions to enhance and mature the Security and Compliance program
Bachelor's Degree in Information Technology or related technical field.
Candidate should have a minimum of 5+ years either Information Security Risk or Cyber Security Risk experience.
3+ years in cloud-based environments (AWS, GCP, Azure, etc.) with cloud governance experience
Must have one or more of the following certifications :
CISM, CISA and / or CISSP
AWS Google Azure Certified
Cloud Security Alliance (CCSP, CCSK)
Sound working knowledge of industry best practices (NIST, ISO, SANS, COBIT, CERT) and Legislative and Regulatory and Industry Compliance Requirements (Sox, PCI, CCPA, etc.).
Clear understanding of SDLC process and how Security validation is tied to that
Must have exceptional written, verbal and presentation communication skills.
Ability to facilitate cross-functional teams.
Ability to translate business requirements into control objectives.
Strong project management skills.
Exciting Benefits we offer :
Medical Coverage Self & Dependents
Parents Medical Coverage
Employee Performance-based bonuses
Home Internet Subsidy
Profit Sharing Plan Tenured Employees Only
Child Care Facility
Company Provided Lunch / Dinner
Professional Development Budget
Recreational area for in-house games
Sporadic On-shore training opportunities
Friendly work environment