Security and Compliance Manager
The Security and Compliance Manager will develop and manage the company’s compliance roadmap. This role reports to the Director of Technology and is responsible for defining and conducting security & compliance program activities, developing effective metrics and reporting systems, and managing external and internal audits.
Manage security and compliance projects across multiple teams, including operations, IT and development
Advise internal business stakeholders on security and compliance requirements and work in cross-functional partnership to help ensure those requirements are met
Develop internal policy and procedure documents to support the company’s security & compliance initiatives
Develop and own annual risk assessment, security awareness training, disaster recovery and business continuity plans
Manage the design and operation of any process or technology controls as required by PCI DSS and other applicable regulatory compliance frameworks
Coordinate external & internal security & compliance audit activities
Support the cross-functional technical compliance and privacy review process for new products and features in the company platform
Clearly explain our security & compliance program to third parties, including customers and vendors
Keep track of new regulations and industry best practices, and implement continuous improvement on an ongoing basis
5+ years of experience in an equivalent security and compliance related role
Strong knowledge of industry compliance standards as they relate to PCI DSS
Thorough understanding of digital forensics processing and procedures
Hands-on experience in security systems, including firewalls, intrusion detection systems, intrusion prevention systems, anti-virus software, authentication systems, log management, content filtering, etc.
Keen attention to detail and accuracy is necessary in order to analyze and finalize documents
Organized, responsive, and able to gain support and consensus with multiple stakeholders
Strong communication skills, both written and oral
Ability to obtain, or already hold, one of the following certifications: CISA, CISSP, GSEC, GCIH, GCIA, GWAPT, CIPP, CISM, ISC, CRISC, CHFI, CSP
Full-time members of the Lulus team will be eligible for comprehensive health benefits, paid time off, 401(k) with company match, and a fantastic employee discount!
Interested? Email firstname.lastname@example.org!