Full time position at client location in Santa Clara.
Reports to Sr. Director, Business Operations.
Responsibilities
- Manage ISO 27001 certification and various aspects of client's security and compliance framework.
- Drive continuous improvement of network security workflows and processes through automation and innovation.
- Work with the IT team to detect and prevent any security threat(s) on the network of various computing platforms like Windows, Macs, Linux, mobile devices, heterogeneous networks, AWS, and Microsoft-365 environments.
- Support new IT projects and implementations by working with end-users, cross-functional teams, 3rd party vendors, and consultants.
- Evaluate and propose best practices/standards, process improvements, and security policies to provide the highest availability, security, and data privacy levels.
- ISO Certifications Maintenance: Actively maintain ISO 27001 certification, regularly update policies, and ensure compliance through tools.
- Security Incident Management: Systematically record all security incidents detected through monitoring tools or reported by users, aligning with our established security policies.
- Vendor Security Assessments: Conduct detailed security assessments of vendors, reviewing SOC2 documentation and other relevant security credentials to ensure alignment with our security standards.
Qualifications
- Familiarity with administration of Microsoft 365, Sophos Central, Phishing campaigns, Okta, SaaS, IT HW support, VPN, Wi-Fi, network infra, etc.
- Experience in assisting engineering teams with development system configurations.
- Ability to collaborate effectively with cross-functional teams, including IT, HR, and business units, to align initiatives with organizational goals and security objectives.
- Effective communication skills, both written and verbal, with the ability to convey complex security and information.
- You have 10+ years of experience supporting and deploying Windows, macOS, and Linux systems.
- Familiar with requirements and security frameworks such as NIST CSF, ISO 27001, or SOC2.
- Professional certifications such as CISSP, CISM, GSEC, GIAC, CEH, and CPT are preferred.
- Expert knowledge of AWS, Network Security Management, design, and deployment.