Career Growth, Flexibility and Collaboration!
Entrust is an innovative leader in identity-centric security solutions, providing an integrated platform of scalable, AI-enabled security offerings. Headquartered in Minnesota, we offer our colleagues the ability to work globally, in a flexible and collaborative environment. Our team makes an impact!!
The Company:
Entrust relies on curious, dedicated and innovative individuals whom anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust’s technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers.
We Believe:
Securing identities is most effective when we value all identities. We are committed to ensuring that, through diversity and inclusion, the many voices that make up our communities are heard. From unconscious bias training for managers to global affinity groups that create connections both within and across our enterprise, Entrust expects and encourages all individuals to accept and respect one another. And, of course, to be themselves.
Position Overview:
We are seeking a talented leader to join our InfoSec department. The Information Security Compliance Manager will lead and oversee security compliance advisory services to the Entrust organization and ensure that our information security compliance posture aligns with regulatory and contractual requirements.
Responsibilities:
- Provide management and leadership of the ISMS program supporting the implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series of standards, including certification against ISO/IEC 27001 and SOC 2
- Advice and support on Product related regulatory requirements and certifications such as ETSI, e-IDAS, UK DIATF, NIST 800-63
- Manage and coordinate external and internal audits and collaborate with these stakeholders to manage audits.
- Perform/support information security risk assessments designed to assess the control environment of the business processes, systems and services under review including third party risk assessments.
- Review new standards and regulations where applicable, work with various business functions to ensure on going adherence to enhance compliance and achieve business objectives ex: NIS 2 Directive, DORA, EU AI Act
- Support that maintenance and management of a system and control inventory including identification of supporting roles
- Develop remediation and corrective action plans with related governance and operational functions (such as Product, Engineering, Risk Management, IT, HR, Legal and Privacy)
- Support info sec compliance related RFIs and provide advisory to business, legal and sales teams in understanding the relevant obligations within contracts to limit company-wide security liability and align contract language with company security portfolio.
- Assists with development, review and revisions of information security policies, standards, procedures and guidelines as applicable.
- Assists with the development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations.
- Update job knowledge by tracking and understanding emerging information security compliance practices and standards and frameworks.
- Review, prioritize and recommend information security improvements as they relate to the achievement of business goals and objectives.
Basic Qualifications:
- Bachelor’s Degree
- 8+ years of experience
- Strong Audit and Compliance background as a minimum
- Strong Security Governance, Risk and Compliance experience
- Experience enabling compliance and facilitating audits in support of ISO 27001, ETSI, SOC2
- In-depth understanding of IT Security concepts (threats, vulnerabilities, controls, countermeasures, risk management, etc.)
- Knowledge of information security functions (i.e., security operations, security engineering, security architecture, vulnerability Management, incident response functions)
- Excellent working knowledge of common IT Security technologies such as:
- Security Event & Information Management Systems
- Identity and Access Management Systems
- Single Sign-On and Two-factor authentication
- Firewalls, Content Filtering
- Anti-Virus software, Intrusion Detection/Prevention, Vulnerability Assessment software
- Excellent communication skills and the ability to work in a multi-disciplined environment
- Excellent problem-solving skills combined with the ability to work on multiple concurrent tasks with demanding deadlines
Preferred Qualifications:
- ISO 27001 lead auditor, or audit experience
- One or more relevant professional certifications (e.g. CISSP, CISM, CISA, CIPM etc)
About Entrust
Entrust is an innovative leader in identity-centric security solutions, providing an integrated platform of scalable, AI-enabled security offerings. We enable organizations to safeguard their operations, evolve without compromise, and protect their interactions in an interconnected world – so they can transform their businesses with confidence. Entrust supports customers in 150+ countries and works with a global partner network, we are trusted by the world most trusted organizations.For more information, visit www.entrust.com. Follow us on, LinkedIn, Facebook, Instagram, and YouTubeEntrust Corporation is an EOE/AA/Veteran/People with Disabilities employer.#LI-NR1For US roles, or where applicable:
Entrust is an EEO/AA/Disabled/Veterans Employer
For Canadian roles, or where applicable:
Entrust values diversity and inclusion and we are committed to building a diverse workforce with wide perspectives and innovative ideas. We welcome applications from qualified individuals of all backgrounds, and we strive to provide an accessible experience for candidates of all abilities.
If you require an accommodation, contact accessibility@entrust.com.
Recruiter:Neha Rathore
Neha.Rathore@entrust.com
