Global Risk Compliance Manager

About Cyware

Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs. 

Your next opportunity starts here!

More on Cyware: (www.cyware.com) 

Built and designed by SecOps practitioners and cybersecurity leaders, Cyware offers multiple technologies within its Cyber Fusion platform, including advanced threat intelligence solutions (TIP) for large and small security teams, vendor-agnostic security automation (SOAR), and purpose-built security case management. As a result, organizations can increase speed and accuracy while reducing costs and analyst burnout. Cyware’s Virtual Cyber Fusion solutions make secure collaboration, information sharing, and enhanced threat visibility a reality for enterprises, sharing communities (ISAC/ISAO), MSSPs, and government agencies of all sizes and needs.

Come join an exciting cybersecurity product startup that just closed Series C funding round!

Why We’re Hiring

The Global Risk Compliance Manager is a critical position within Cyware. The candidate will act as the technical subject matter expert in maintaining information security compliance with applicable laws, licenses, and regulations in the regions that we do business. The Cyber GRC Manager will provide extensive understanding of the cybersecurity space and advise Cyware on certifications required and processes. This person will also be responsible for ensuring information security compliance across the entire global organization.

What You’ll Do

• Responsible for implementing and maintaining procedures and controls to assure security compliance with applicable regulatory, contractual, and legal requirements as well as good business practices
• Work closely with business, technology, and compliance counterparts to understand business objectives, initiatives, and ensure alignment with cybersecurity policies and best practices
• Lead the annual security program roadmap and status reporting on initiatives and KRIs. Create presentation materials and lead discussion for key stakeholder meetings.
• Ensure applicable standards and regulations pertinent to Cyware are effectively implemented and act as an advisor to all managers
• Conduct analysis of new regulations that impact the information security  program.
• Coordinate external reviews and/or assessments from regulators, audit firms, and client due diligence requests.
• Own the security risk register and the ongoing management of inherent and residual information security risks. 
• Prepare heat maps and analytics of known risks.
• Operationalization of a metrics and reporting function to continually report on meaningful information security risk and compliance metrics for operational and executive management
• Work closely with the VAPT team
• Create and update the hardening checklist
• Conduct global training sessions regarding information security  for Cyware’s internal team

Who You Are

• US Citizenship is a requirement of this position in accordance with 8 U.S.C 1324b(a)(2)(C)
• Strong oral and written communication skills
• Strong problem solving and troubleshooting skills with experience exercising mature judgement
• Excellent teamwork and interpersonal skills
• General information security experience and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
• Experienced in collaborating at all levels of an enterprise
• Creativity and initiative in work product, positive and helpful attitude proposing solutions to resolve problems
• Professional and technical certifications desired but not required such as CISM or CISSP
• Ability to reach technical and non-technical audiences across all levels of the organization.
• Must possess basic knowledge of networking, different operating system, endpoint devices and security devices
• Work experience related to information security and/or IT operational risk management is essential, across cloud and traditional IT patterns.
• Comprehension of the regulatory and legal landscape driving privacy/information security  (NY DFS, GDPR, CCPA, etc.)
• Experience in leading organizations through Information Security audits and certifications (SOC 2, FedRamp, ISO, etc.) 
• A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and information security domains
• Experience in contracting, implementing, and managing security service providers.
• Experience with implementing and managing GRC software solutions for Information Security use cases.
• Manage end-to-end portfolio delivery in terms of schedule, cost, scope and quality; anticipate risks and issues that may arise during the delivery of the portfolio process and ensure that appropriate mitigation actions are in place
• Design, measure and assess key performance metrics to inform data-driven decisions
• Demonstrate accountability; lead people with passion, enthusiasm, loyalty and integrity
• Knowledge of business continuity framework and standards

We’re a lean team, so your impact will be felt immediately. If this all sounds like a good fit for you, why not join us?

You’ll love working at Cyware because:

• We foster an exciting and challenging start-up culture. 
• We’re not just employees. We’re people. We offer a comprehensive benefits package including time off, paid holidays, retirement plans, insurance coverage and much more.
• We’ll invest in your career. Our company is growing quickly and we will give you the opportunity to do the same. You will have access to a number of professional development opportunities so that you can keep up with the company’s evolving needs.
• We offer competitive compensation packages. We deeply value the talent our team brings to the table and believe that fair and equitable total compensation packages are part of our commitment to everyone who works here.
• We value diversity of people, culture, and ideas.

EEO Statement:

Cyware is dedicated to hiring a diverse workplace that celebrates an inclusive culture and a sense of belonging. As an equal opportunity employer, we do not discriminate based on race, color, religion, sex (including pregnancy, gender identity, gender expression, and sexual orientation), national origin, age, veteran status, genetic information or disability.

How to Apply

Apply right here. You’ve found the application!