Company Description
PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively.
Job Description
Multiple Information Security Risk and Compliance Positions are available.
- Entry-level to mid-senior level
- Internship, Part-Time, Full Time
We are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients.
Responsibilities:
- Manage and execute the day-to-day information security risk and compliance operational activities
- Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization
- Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders
- Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items.
- Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements
- Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents
- Provides regular reporting metrics on the current state of the program.
- Other duties as assigned
Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Business Administration, or related field
- Experience in information security risk assessment, compliance and/or security operations
- Previous experience in one or more of the areas below is a plus:
- --- IT Security Strategy and Management
- --- Risk Management, IT Audit, and Compliance
- --- Network, System, Database administration, support and/or help-desk experience
- --- Application Security, Software Development
- --- Security Monitoring, Data Loss Prevention, Incident Response
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF.
Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Top Skills
What We Do
Secure Cloud Solutions Consulting and Managed Services
PurpleBox Security Services include assessment, design, implementation and management of information security, compliance, and technical security solutions.
- Compliance Assessment and Reporting
- Risk Assessment
- Vulnerability Assessment and Penetration Testing (VA/PT)
- Security Policy and Controls
- Vulnerability Scanning Services (PCI ASV, OS, Network, Database, Web Application)
- SCADA and Industrial Control Systems Security
- Security Configuration Baselines
- Security Monitoring and Threat Intelligence Services
- Application Security Testing Services
- Managed Web Application Firewall
PurpleBox is an Amazon Web Services (AWS) Partner and helps clients with their Cloud Transformation and Cloud Migration needs:
- Cloud Trasformation Strategy
- Current State Assessment
- Migration Project Management
- Cloud Architecture
- Cloud Security Architecture
- Security and Compliance in the Cloud
- Cloud Cost Optimization
PurpleBox Cloud Services are focused on providing its customers with the most complete and cost effective cloud solutions. From scoping and designing new environments, to decoupling and migrating complex existing platforms, our experienced team of certified professionals has a proven track record of delivery excellence.