Security Compliance Engineer

Job Title: Cyber Security Compliance EngineerLocation: San Jose, CADescription:Security Compliance Engineer - AWFThe Global Information Security team is responsible for driving security compliance activities for client payment gateway, Marketplaces, Corporate IT, and adjacent businesses. The Security Compliance Analyst will play a critical role working directly with business leaders to understand security compliance issues, lead technical compliance assessments and mitigation efforts, and develop effective remediation programs and actions to resolve compliance issues.Key ResponsibilitiesAbility to provide pragmatic guidance to business leaders and stakeholders that effectively balances security compliance risks with the needs of the business.Contribute to the growing information security and compliance program at client, including performing security compliance audits, identifying problems and areas for process improvementWork closely with internal business units and relevant departments to assess compliance and where necessary, provide support in remediating non-compliant areasHave a deep understanding of security controls, underlying business processes, concepts, practices, and tools used to promote adoption of applicable security standardsAdvise management on specific security requirements, implementations and the impact on business processes, applications and systems as neededGenerate periodic reports to teams and senior stakeholders and make practical recommendations to improve security practicesResearch and extract insights from industry standards and trends, apply them to the scope of internal controls and improve security practices and compliance in the companyFacilitate organizational adoption of new security controls, standards and best practices through thoughtful change management strategiesDocument security/technology control requirements and develop methods to meet new cyber security and compliance needs and requirements as needed.Coordinate compliance and audit activities with other groups.Requirements10+ years of security and compliance experience. Experience in eCommerce, Payments, or Technology space a plusExperience with/understanding of PCI DSS, SOC 2, ISO 27001, NIST and/or other industry standard control frameworks.Experience with managing third party audits including working with internal teams to collect evidence to be used in an audit.Strong technical understanding of security compliance requirements and solutions, as well as threats and challenges impacting the protection of information across an extended global enterprise.Possess general knowledge of networking, encryption, authentication, payment infrastructure, cloud infrastructure and application securityCapable of flexing between high level strategic concepts & frameworks to tactical operational implementationSelf-starter with a bias towards action and can thrive in a fast-paced and ambiguous environmentExceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitationStrong teamwork skills with a demonstrated ability to collaborate across teams and roles