at Trellix in Springfield, Illinois, United States
Job Description
Job Title:
Sr Compliance Engineer
Role Overview:
na
Responsible for the development and/or enforcement of corporate and business group information security policies to protect Trellix information assets and intellectual property. May participate in the planning, direction or coordination of enterprise, security architecture and control states protecting Trellix information assets and intellectual property. Lead or contribute to security controls risk assessments and industry framework certifications which determine threats, consequences, and vulnerabilities to business unit key assets, products, and services. Participate in the planning and direction of security risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of Trellix information assets to determine exposure and compliance levels (GRC). Curate and manage the enterprise risk register and its life cycle. Develop and lead corporate level information security awareness and training programs and reporting. Determine sources of requirements and standards for compliance. May monitor, assess, or execute security controls and tools on one or more of Trellix computing and communications environments and/or enterprise applications to ensure business acceptable exposure levels. Recommends and drives security control enhancements to meet current and future needs. Create designs/technical specifications that align business needs with technical solutions while considering emerging security technologies. May be engaged in other information security or risk management projects including Supplier Risk management, Disaster Recovery (DR), Business Continuity management (BCP), Crisis Management (CM), Product security, Software Development Life Cycle, Vulnerability Management, Penetration testing and reporting and/or the US Federal cloud platform security controls certifications and operations. Requires thorough knowledge of security practices, procedures, and capabilities to perform analytical work. Skills and experience required includes a BS in CS, CE, and/or IT. Thorough understanding of the Information Security Common Bodies of Knowledge; CISSP, CISM, CRISC, CISA or equivalent security certification required.
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
+ Retirement Plans
+ Medical, Dental and Vision Coverage
+ Paid Time Off
+ Paid Parental Leave
+ Support for Community Involvement
We’re serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
