Director, Security Compliance

Infoblox   •  

Tacoma, WA

Industry: Technology

  •  

5 - 7 years

Posted 32 days ago

Description

Infoblox is seeking a Senior Manager, Security Compliance to lead our Corporate Governance, Risk and Compliance function. This position is based in Tacoma and will report directly to the CISO who is based in Santa Clara, CA. You will contribute to the design and monitor the control environment here at Infoblox, with an eye towards our regulatory requirements, current and future (SOC2, FedRAMP, SOX, NIST CSF)

At Infoblox we are taking a fresh and innovative approach at controlling, analyzing, and securing networks by intelligently managing core network services (DNS and DHCP)

Responsibilities:

  • Create and maintain documentation of test scripts, test results, issues/control gaps, corrective actions, and status
  • Conduct risk assessments using industry standard frameworks and guides the risk management process
  • Support the security exception management process
  • Build and maintains database of risk assessment questionnaires, responses, and mappings to industry standard frameworks and regulatory requirements.
  • Manage 3rd party risk
  • Respond to customer security/compliance questionnaires
  • Establish and maintain security metrics and reporting
  • Support collaborative working relationships with members of other functional teams within Infoblox
  • Act in a delivery focused manner with willingness to perform and manage all tasks required to complete the job and meet deadlines, including administrative and documentation-oriented tasks
  • Perform and automate monitoring of security controls

Requirements:

  • Candidate must have 5+ years working in governance, risk and compliance and/or information security and risk management
  • Functional knowledge of the CISSP security domains and information security industry standard and best practices
  • Functional knowledge of applicable security regulatory requirements (SOX, GDPR)
  • Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST-CSF, CAIQ)
  • Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, SOC2, Webtrust)
  • FedRAMP certification knowledge a plus
  • GRC Tooling knowledge a plus (ZenGRC, MetricsStream, etc.)
  • Ability to communicate risk methodologies and concepts to the business
  • Ability to lead a small staff of Compliance Analysts
  • IT Audit background
  • Ability to work in a fast-paced environment and handle ambiguity, while meeting objectives and deadlines
  • Demonstrated experience with controls definition, development, implementation and assessment
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams
  • Strong attention to detail with a focus on the completeness, accuracy, integrity, security, and confidentiality of theinformation handled and activities performed
  • Project management and organizational skills

The ideal candidate will possess…

  • Experience with SOC2, FedRAMP, SOX, NIST CSF
  • Risk management experience
  • Strong consulting skills

Education:

  • 4-year college degree preferred

Perks:

It’s an exciting time to be at Infoblox. We are the market leader in Technology for network control. Our success depends on bright, energetic, talented people who share a passion for excellence in building the next generation of networking technologies—and having fun along the way. Infoblox offers a fast-paced, action-oriented environment. We promote a culture that embraces innovation, change, teamwork, and strong partnerships. Join the winning IT Infoblox team—our future looks bright, and so will yours.