Information Security and Compliance Specialist 🔥
We are recognized on Built-in's Best Places to Work, including: Colorado Best Places to Work Colorado Best Midsize Companies to Work For Colorado Best Paying Companies SF Best Midsize Companies to Work For We are Inc. Magazine's Best Workplaces Honoree 2022
We’re seeking an Information Security and Compliance Specialist to assist with design and implementation of policies that protect HouseCanary’s operations, assets, and customer data.
What you'll do:
- Define, review, and update organizational policies, practices, training programs and standards that govern security and operational functions associated with HC’s systems, networks, and products
- Perform periodic audits on company policies, procedures, and processes
- Collaborate with cross-functional teams to facilitate remediation of compliance gaps
- Scoping and planning audits - coordinating and managing outside auditors
- Facilitating SOC 2 and ISO 27001 certifications, design and implement controls based on the ISO27001 and SOC standards
- Facilitate Business Continuity and Disaster recovery planning and testing
- Develop and implement Vendor Risk Management Framework Support legal team in ongoing regulatory, compliance and privacy efforts
What you have:
- Experience managing multiple projects and an intimate familiarity with process design, implementation, and evidence collection
- Knowledge of AWS, Azure or Google Cloud principles and their impact on audit preparation Knowledge of IT controls frameworks (NIST, ISO 270xx, CIS)
- General knowledge of IT systems (applications, operating systems, database, infrastructure)
- Degree in computer science, information security or related field Knowledge of privacy laws and regulations (CCPA, GDPR, PCI-DSS, HIPAA)
- Excellent communication and interpersonal skills 3+ years of corporate risk management, consulting, or related experience
- CISA, CISSP or equivalent certification
Special consideration given for:
- Passion for real estate data and analytics Experience with ITGCs related to SOX compliance
- MS in Management or Information Security
- Fantastic sense of humor