Senior Cybersecurity Engineer

Senior Cybersecurity Engineering

As a Senior cybersecurity engineer with Convera, you will be the primary administrator of an automated GRC platform to support the Convera cybersecurity program and all the IT stakeholders.  You will also support efforts using this system for responding to regulator questions, independent audit, and customer assurance.  You will be working directly with internal technical teams as well as IT and business teams to track, monitor, and respond to ensure their GRC platform needs are appropriately supported, questions answered in a timely manner.

You will be responsible for:

• Manage, upgrade, modify, and provide support for the OneTrust GRC platform.
• Manage the GRC modules and business integrations for Cyber risk, Operational Risk, Third Party Risk, Privacy Risk, Control Management, Incident response, and Compliance reporting.
• Configure and manage global system configurations, users & groups, organizational hierarchies, permissions, reports & dashboards
• Work directly with the GRC vendor support and sales team to s
• Document and review business processes, responsibilities, risks, and controls as needed within the GRC platform.
• Deliver training and support on the GRC platform to internal stakeholders.
• Load and configure data streams for the GRC platform.
• Plan and maintain the workflow for reporting and administrative tasks.
• Manage the scope of compliance and risk requirements using the GRC platform.
• Design and update customized reporting from the GRC platform.
• Analyze new cybersecurity compliance requirements from all over the world to ensure GRC platform supports them.
• Lead the planning, execution, and delivery of GRC platform projects, ensuring they met company and security standards within budgets and timelines.
• Work with Security Program Team to ensure controls are followed continually and without material audit findings or qualifications.
• Facilitate, coordinate, and obtain risk and compliance reporting requirements from multiple stakeholders.
• Assist in internal and external audit efforts.
• Support new security and privacy compliance changes from all over the world.
• Assist on Risk Assessments
• Assist with vendor due diligence risk reviews and questionnaires to ensure supply chain compliance.
• Document, analyze, and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
• Assist in investigating internal and external information security risk and exceptions assessments.
• Help assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
• Inform the proper stakeholders of important concerns and hazards.
• Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements.
• Assist in Security Program Governance
• Assists in the management and oversight of security program functions in accordance with common industry standards.
• Work together with other stakeholders to link our corporate IT, procurement, and privacy departments with security program objectives.
• Maintain up-to-date knowledge of procedures and methods that serve to broaden team knowledge and industry expertise.
• Work with IT and business managers to champion security and compliance while reducing human administrative overhead for security.
• Assist in the creation, distribution, acknowledgement, and update of security policies, procedures, standards, and baselines within the organization.
• Assist with security incidents, outages, and customer grievances.

About You

• Have 2+ years’ experience in cybersecurity with a focus on compliance and risk in the finance and payment industry.
• Hands on experience with GRC automation systems such as OneTrust or similar systems such as Hyperproof, Archer, or ServiceNow. OneTrust Professional Certification preferred.
• Experience with working on IT systems in a global 24x7 operation with varying levels of uptime and security requirements.
• Experience with IT automation and reporting, preferable Microsoft Power BI.
• Have a strongly motivated to work independently, desire to learn and grow in a fast-paced, complex environment.
• Develop and manage project plans and budget/resource estimates as needed.
• A fast learner, able to manage details and complex needs.
• Are up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape.
• Have strong and honest communication skills as well as confident communicating verbally and in writing.
• Have basic experience in security and compliance with a focus on risk and security governance.
• Have a basic understanding of the finance industry, risk management, and cloud technology.
• Familiar working with industry-standard regulatory requirements (SOC1/2, PCI, GDPR, etc.) and technical standards (CIS, NIST, STIG, etc.)
• CompTIA Security+, (ISC)2 SSCP, GSEC, AWS Certified Cloud Practitioner, Azure Security Engineer Associate, Certificate of Cloud Security Knowledge or other industry recognized technical, or security certification(s) are preferred.
• Associate degree in Computer Science, Information Systems, Business Management, or related field or equivalent military experience preferred.
• Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation and confident in communicating verbally and in writing with respect to local cultures and languages.

About Convera

Convera is the largest non-bank B2B cross-border payments company in the world. Formerly Western Union Business Solutions, we leverage decades of industry expertise and technology-led payment solutions to deliver smarter money movements to our customers – helping them capture more value with every transaction. Convera serves more than 30,000 customers ranging from small business owners to enterprise treasurers to educational institutions to financial institutions to law firms to NGOs.

Our teams care deeply about the value we bring to our customers which makes Convera a rewarding place to work. This is an exciting time for our organization as we build our team with growth-minded, results-oriented people who are looking to move fast in an innovative environment.

As a truly global company with employees in over 20 countries, we are passionate about diversity; we seek and celebrate people from different backgrounds, lifestyles, and unique points of view. We want to work with the best people and ensure we foster a culture of inclusion and belonging.

We offer an abundance of competitive perks and benefits including: 

• Competitive salary
• Opportunity to earn an annual bonus.
• Great career growth and development opportunities in a global organization
• A flexible approach to work

There are plenty of amazing opportunities at Convera for talented, creative problem solvers who never settle for good enough and are looking to transform Business to Business payments. Apply now if you’re ready to unleash your potential.

#LI-KP1