The Sr. Information Security Analyst is responsible for supporting and improving the information security governance, risk, and compliance function of Magic Leap.
Develops, implements, and ensures compliance of policies to protect the confidentiality, integrity, and availability of the organization's data. Identifies information risk, recommends appropriate risk treatment plans, and facilitates and monitors risk remediation tasks. Provides security training and promotes security awareness across the organization. Captures and documents results of control testing and facilitates and supports audit activities.
- Monitoring and advising on information security issues relating to the systems and workflow at Magic Leap to ensure the internal security controls for the organization are appropriate and operating as intended.
- Developing policies, procedures, and standards that meet exiting and newly developed policy and regulatory requirements such as: SOX, PCI, and GDPR.
- Addressing questions from internal and external audits and examinations.
- Creating, managing, and maintaining IT security awareness and risk/training curriculum.
- Planning, coordinating, managing, or performing both internal and external security assessments and audit evidence gathering exercises.
- Verifying the security of third-party vendors and collaborating with them to meet security requirements
- Coordinate with constituent groups to facilitate the implementation of all information security policies and development of information security standards and procedures.
- Defines and documents relevant information security principles, practices and delivers timely reports on relevant information security metrics.
- Trains and mentors less experienced Security team members.
- Typically, seven (7) or more years of information security or compliance experience.
- Four (4) or more years of experience conducting IT compliance assessments (Sarbanes-Oxley, PCI, etc.)
- Strong communication skills with the ability to influence across multiple levels and departments.
- Experience with information security in Cloud environments (SaaS, PaaS, IaaS) preferred.
- Bachelor's degree, Information Systems, Computer Science, Information Security or related field; or equivalent work experience.
- All your information will be kept confidential according to Equal Employment Opportunities guidelines.