At Shire, we are proud and grateful to employ military veterans and thank them for their contributions to our company and our country. See where your military experience can play a role at Shire by using our military skills translator job search tool below:
Overview
Come join the Intuit Information Security Organization at Intuit! We are looking for an innovative professional to join a world class team.
As the security compliance and risk landscape expands, our need to scale to identify cybersecurity risks and develop appropriate controls and mitigations is becoming more critical within our internal and external environment. We are looking for a motivated, innovative, passionate Governance, Risk and Compliance Technical Compliance Staff who will be transforming the traditional check-the-box risk assessment process to an automated, on-demand and continuous model. This professional will drive the security risk assessment process, risk methodology and register processes, and partner cross functionally to define risk treatment plans, and monitor and report out the plan milestones to completion. You will also partner with the engineering team to automate the end to end process.
Intuit prides itself on being innovative, bold, and passionate. This is an exciting position supporting our most important regulatory compliance requirements and cybersecurity leadership risk needs. The Security Technical Compliance Staff has the opportunity to innovate in a cloud environment and re-imagine security risk management processes while working boundaryless across Intuit.
What you'll bring
BA/BS in Engineering, Computer Science, Information Systems or equivalent.
7+ years of experience in cross-functional security and compliance related projects
Operational experience with public cloud environments and technologies such as Amazon Web Services or Google Cloud
Working experience in performing risk and control self assessments using industry accepted frameworks such as ISO 31000, NIST 300-37, NIST 800-37 or NIST 800-30
Proven expertise leading cross-functional teams building partnerships across multiple business units and executing effectively
A self-motivated person who can influence and drive cross-functional, cross-geo teams, promoting timely and effective communication
Experience with regulatory and compliance frameworks such as PCI DSS, ISO, NIST 800-53, and/or SSAE16/SOC in cloud environments preferred.
Certifications such as CRISC, CISA, CISSP, or equivalent preferred.
Readiness to become a thought leader for aspects of cyber security across multiple domains
Ability to work well with multi-disciplinary teams focusing on user and customer needs
Ability to work in a fast paced and collaborative setting with proven high quality work product
Strong customer focus with ability to interpret and utilize the data
Strong program management skills
Must possess strong consulting, documentation and presentation skills
Good organizational skills, proactive and self-sufficient with a proven ability to work independently and prioritize deliverables.
How you will lead
Drive CyberCRAFT’s Risk Management Methodology and processes, working to identify sources of cybersecurity risks, and document risks in a consistent manner to help drive planning and risk mitigation processes.
Develop, implement, and lead the execution and continuous improvement of cybersecurity risk management framework, processes, procedures and activities.
Benchmark risk management processes, dashboards with peer companies
Ensure the risk management process continuously aligns with industry best practices and industry standards
Perform security and compliance risk assessments across the organization to allow for effective identification and management of cybersecurity risks.
Partner across teams to develop and monitor risk response plans, the effectiveness of risk mitigation strategies, progress against plans, and validate completion of plans.
Work with senior leaders to establish and improve integration of risk management process into strategic planning processes
Define risk metrics and thresholds with Risk Owners to identify and drive additional action on cybersecurity risk.
Create a continuous view of cybersecurity risk dashboards and reports to provide timely and adequate risk information to technology management teams and bring risk visibility to senior leaders on Intuit’s cybersecurity risk landscape.
Lead Quarterly Risk Meeting with cybersecurity risk owners and leadership.
Liaise with other risk functions to share risk management best practices, align on risk management and response strategies, and bring an organizational wide view to top risks.
Interact with leadership to drive and support cross-functional cybersecurity initiatives, including providing subject matter expertise to cybersecurity risk assessment and other compliance processes.
Partner with the information security functional teams, architect and engineering community, legal and privacy teams.
Work well with others when conflicts arise: see opportunities, ensure alignment with objectives, find common ground and promote understanding of alternative viewpoints before driving for closure and cooperation.
Promote a security culture across Intuit
EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.