Risk & Compliance Manager

Full Time
Salt Lake City, UT 84110
Job description
Position Overview

Legato Security is seeking a Risk & Compliance Manager to take on an exciting leadership role in Salt Lake City, UT. The successful candidate will work directly with the risk and compliance team, our clients, internal staff, and third-party vendors to determine if compliance guidelines are met and risk is identified. The successful candidate will understand many different compliance frameworks, understand security risk and controls, and will have in-depth knowledge of general security best practices. Previous risk management, compliance, and audit experience is required. The candidate should have team management experience including project management, time tracking and performance reviews.

Specific Job Responsibilities

  • Internal: Manage the risk and compliance team and its current project load distribution, and work with the sales and management teams to develop future client work
  • Internal: Manage internal audit and compliance processes and work with third party auditors to meet compliance obligations
  • Internal: Perform and review internal risk assessments, and work with the team to implement controls and close identified gaps
  • Internal: Manage internal controls to meet compliance obligations such as policy and procedure, quarterly checks, and access auditing
  • Internal: Manage the third-party vendor risk management process for all vendors Legato Security utilizes or partners with
  • Client-facing: Perform risk assessments using various security and compliance frameworks on client infrastructure as part of client engagements
  • Client-facing: Write, deliver, and review risk assessment reports with identified controls gaps and recommended remediation
  • Client-facing: Work with clients to help them understand remediation actions, identified gaps, and explain the “why” of your recommendations.
  • Client-facing: Perform third party vendor risk assessments of vendors utilized by clients who subscribe to vendor risk management services
  • Client-facing: Perform specific compliance framework gap assessments in client requirements as part of services engagements
  • Internal and Client-facing: Monitor and manage ongoing assessment controls to determine additional risk in real time
  • General: Keep up to date with compliance framework changes, regulatory updates, and laws that may affect internal or client compliance and risk

Required Skills & Experience

  • Excellent written and verbal communication skills
  • Demonstrable analytical and problem-solving skills
  • Understanding of many different compliance controls (NIST, CMMC, ISO27K, PCI DSS, HIPAA, GDPR, CPRA, FERPA, HITRUST, FedRAMP, SOX, etc.)
  • Understanding of cybersecurity best practices and ability to keep up to date on new recommendations
  • Ability to differentiate between different compliance frameworks and how they may apply to client environments differently
  • Associate degree or equivalent experience in compliance, risk management, information technology, cyber security, or other related field
  • Minimum 5 years’ experience working in compliance performing audits, risk assessments, controls alignment, and/or third-party vendor risk management
  • Professional services management experience
  • Previous experience working with outside clients is highly desirable
  • Risk and compliance or security certifications such as CISSP, CRISC, CISA, CQA, etc. are highly desirable
  • Salary and position level are dependent on experience

Perks

  • Start-up company in a growth phase with opportunity for advancement based on performance
  • Start-up culture with an office in downtown Salt Lake City, UT
  • Competitive medical and dental benefits for employee and family members
  • Other company-provided benefits such as 401K with company matching, short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available
  • Flexible Paid Time Off policy
  • Professional Development opportunities specific to role

About Us

Legato Security Partners is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is initiative and advantage on the cyber playing field by building close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so too do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats.

Legato Security Partners continually delivers higher-quality, technology-agnostic security services to a broader range of customers. This delivery is characterized by prompt, candid communication and sophisticated automation. To accomplish this delivery, Legato Security proactively invests in, trains and rewards the core of its operations: the people that show up every day and make the company what it is.
