Related skills
ISO 27001, FedRAMP, MITRE ATT&CK, NIST CSF, DORA
Description
- Lead roadmap to integrate risk matrix into the framework
- Govern regulatory compliance for DORA, FedRAMP; maintain SCRM
- Own end-to-end risk assessment and risk scoring
- Conduct annual and ad-hoc risk assessments; produce memos
- Manage risk acceptance in Jira; maintain dashboards
- Ensure Jira backlog hygiene; prevent frozen tickets
Requirements
- 10+ years in Information Security, GRC
- Hands-on enterprise risk assessments end-to-end
- Evaluate control effectiveness via configs, logs, diagrams
- Threat modeling using STRIDE and MITRE ATT&CK
- Knowledge of NIST SP 800-30, NIST CSF, ISO 27001
- Regulatory knowledge: DORA, NIS2, FedRAMP Rev 5, GDPR, PCI-DSS
Benefits
- Generous parental leave policy
- Fertility assistance programs
- Employee affinity groups
- Culture and learning opportunities
- Disability accommodations in application/interview