$130K - 180K a year
Lead and manage global security and compliance teams, oversee security policies and tools, drive audit readiness, and manage vendor relationships.
5+ years in security/compliance with 2+ years managing technical teams, cloud technology expertise, audit experience with major frameworks, security certifications, and a relevant IT degree.
Description:
• Manage a global team responsible for the day-to-day management of the organization’s security programs and applicable compliance frameworks
• Lead, mentor, and manage a team of direct reports responsible for cloud security and risk and compliance analysis
• Develop and maintain policies, standards, processes, and tools that ensure cyber readiness, regulatory compliance, and operational excellence
• Act as the company’s subject matter expert on industry regulations and provide compliance guidance to Ollion and our Clients
• Design and embed compliance processes into Client assessments, ensuring they’re executed effectively
• Oversee Ollion’s IT infrastructure, ensuring systems are secure, monitored, and maintained according to best practices
• Mature the company's security program through proactive exercises, including annual penetration testing, disaster recovery simulations, and CSPM
• Oversee the development, implementation, and enforcement of security policies and procedures, championing a Zero Trust architecture based on the principle of least privilege and Role-Based Access Control (RBAC)
• Lead the incident response process, determining severity, assigning resources, and ensuring swift containment of security and compliance threats
• Hands-on experience with security tools such as SIEM, DLP, endpoint detection and response (EDR), and vulnerability scanning
• Manage and optimize security tools, including SIEM (Microsoft Sentinel), the Microsoft Defender suite, and secret scanning solutions for development environments
• Lead and manage all compliance programs and audits
• Act as the primary liaison with external partners, including auditors and virtual CISO (vCISO) providers
• Evaluate emerging technologies and lead strategic digital initiatives to enhance operational efficiency and business agility
• Manage relationships with external vendors and technology partners; negotiate contracts and ensure service levels are met
• Undertake any other duties of a similar level and responsibility as may be required from time to time

Requirements:
• 5+ years of experience in a Security or Compliance role, with at least 2 years in a leadership position managing a technical team
• Understanding and experience in Cloud Technologies
• General familiarity across all three major CSPs (GCP, AWS and Azure)
• Proven track record of successfully leading and passing audits for major compliance frameworks (e.g., SOC 2, ISO 27001, ISO 42001 and ISO 27090)
• Strong and practical knowledge of industry-adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, etc.)
• Experience in systems such as Microsoft Sentinel, Microsoft Defender Endpoint and Cloud Apps, Microsoft Entra, and Google Administration
• Strong knowledge of networking, identity access policies, and security best practices for cloud-based environments
• Excellent verbal and written communication skills
• Strong analytical and problem-solving abilities
• Effective time management skills
• Proactive approach and team player
• Adaptability to evolving business needs
• Demonstrated experience in developing and managing departmental budgets and negotiating with vendors
• Security certification(s): CCSP, CISSP, CISM, CompTIA Security+, CompTIA PenTest+, GIAC Information Security Fundamentals (GISF), GIAC Security Essentials (GSEC), (ISC)² Associate, (ISC)² Systems Security Certified Practitioner (SSCP), ISACA Cybersecurity Fundamentals Certificate, (Security+, ISC2, ISACA, CompTIA), Risk Management (CRISC)
• B.S. in Computer Science, Information Technology, Information Systems, or IT Management
• Ability to work in a fast-paced team environment

Benefits:
• Benchmarked, competitive, in-market total rewards package including (but not limited to): base salary & short-term incentive for all employees
• Virtual by default, small but global organization; ‘learn wherever, whenever’ frees our people from a rigid view of learning and growth
• Retirement planning (i.e. CPF, EPF, company-matched 401(k))
• Employees have access to a fully comprehensive benefits package to choose the medical, dental, and vision insurance plan that best fits their lives
• Mental health resources and additional wellness programs
• Generous time off and leave allowances
This job posting was last updated on 9/19/2025