Apply on Employer Site

Meta · 13 hours ago

Cloud Security GRC Specialist

Bellevue, WA

Full-time

Onsite

Senior Level

$153K/yr - $209K/yr

7+ years exp

Meta is a technology company that builds tools for connection and community. They are seeking a Cloud Security GRC Specialist to lead programs in Cloud Security and compliance, collaborating with various teams to ensure security and regulatory adherence.

Computer Software

Comp. & Benefits

Responsibilities

Lead significant programs of work across various levels of cross-functional (XFN) teams in Cloud Security and Cloud GRC areas

Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact

Design, implement, and/or assess security controls and frameworks

Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks

Assess and document emerging regulatory impact on established policy and control frameworks

Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals

Establish learnings, best practices, standardized frameworks and tools across GRC and related teams

Develop detailed program/project plans in partnership with cross-functional teams

Identify opportunities for information sharing, process improvement and automation

Support business travel on an as needed basis (up to 10%)

Qualification

Cloud SecurityRisk ManagementCompliance FrameworksControl FrameworksInformation SecurityCSP ExperienceSecurity CertificationsCommunication SkillsCollaboration SkillsProblem Solving

Required

7+ years experience in information security and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management)

Demonstrable familiarity with key Cloud Security, Risk Management and Compliance concepts

4+ years of experience in hands on security, with at least one of the major CSPs (AWS, GCP, Azure)

Experience in a GRC function overseeing Cloud implementations at scale

Experience in designing and implementing control frameworks

Experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment

Familiarity with compliance frameworks and regulatory requirements such as NIST, CSA CCM, ISO-27001, ISO27018, SOC2, GDPR, EECC, eDP, NIS2, and other relevant structures

Bachelor's Degree in Computer Science, Information Systems, Engineering, Cybersecurity or related field or equivalent experience