Have you implemented legal and regulatory requirements derived from info sec standards? Do you have experience with vulnerability management and penetration testing tools? We’re looking for a highly driven expert collaborator to join our team as a Security Compliance Engineer II, where you’ll drive the design, development and implementation of a robust security compliance framework within our Labs organization. In this role, you’ll work closely with Agile Development, Cloud Hosting & Engineering, Information Security, General Counsel, and Product Management teams to create processes for security compliance controls and evidence gathering, ensure that products anticipate internal and external compliance requirements, and continually improve the effectiveness of our overall security compliance capabilities. If you’re a skilled relationship-builder who’s passionate about the advancement of web security, let’s talk!
iCIMS extends a work culture unlike any other East Coast-based technology provider. We focus on hiring candidates who display our seven core competencies: passion, drive, transparency, adaptability, empathy, kaizen, and customer commitment. If you eat, sleep, and breathe our competencies and desire to work in a casual yet results-driven environment that embraces innovation, then you’re just what we’re looking for!
iCIMS is a high-growth Software-as-a-Service (SaaS) company that’s voted one of the Best Places to Work in New Jersey. We are the industry's premier recruitment software provider, delivering technology that supports approximately 3,500 organizations around the globe. We are growing fast, which creates a lot of opportunities for career growth within our organization. Come grow with us. Apply today!
• Collaborate with General Counsel and Information Security to lead the design, development and implementation of a compliance system to satisfy internal and external regulatory requirements
• Create processes within the Labs department for security compliance controls and evidence gathering in a cloud environment
• Measure the success of security solutions towards compliance requirements with metrics and dashboards, continually improving the effectiveness of the overall security compliance capabilities
• Partner with the General Counsel Office to provide guidance on the implementation of legal and regulatory requirements within the products
• Educate the engineering teams on compliance requirements within the products
• Provide training to the agile teams with regards to data processing and retention
• Engage with Information Security to identify security issues and risks in all Web and Mobile products and cascade the information to Labs
• Collaborate with General Counsel, InfoSec, and Customer Service teams to review and evaluate Security tickets in production and work to address them with the agile teams
• Assist and mentor the Engineering team on best practices as part of Center of Excellence
• Track compliance violations using JIRA
• Work with engineers to develop and test security fixes
• Support customer and audit requests, as needed
• Consistently ensure that business is conducted with integrity at all times and that behavior aligns with iCIMS’ policies, procedures, and core competencies
• Minimum of 2 years of experience with the implementation of legal and regulatory requirements derived from information security standards such as ISO/IEC, NIST, PCI-DSS , HIPAA, CSA, SOC, etc.,
• Minimum of 2 years of software experience of web based products
• Familiarity with Agile environment is a plus
• Experience with vulnerability management and penetration testing tools
• Passion for the advancement of web security and basic concepts of programming
• Strong communication & interpersonal skills
• Self-motivated, able to learn and research issues independently
• Ability to apply risk based methodologies to information security issues
• BA/BS in Computer Science or a relevant Engineering degree, or equivalent experience
iCIMS is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, protected veteran status, disability status or any other characteristic protected by law.