You will be responsible for managing Jet’s continued Information Security Compliance Program.
Jet’s mission is to become the smartest way to shop and save on pretty much anything. Combining a revolutionary pricing engine, a world-class technology and fulfillment platform, and incredible customer service, we’ve set out to create a new kind of e-commerce. At Jet, we’re passionate about empowering people to live and work brilliant.
About Jet’s Internal Engine
We’re building a new kind of company, and we’re building it from the inside out, which means that investing in hiring, developing, and retaining the brightest minds in the world is a top priority. Everything we do is grounded in three simple values: trust, transparency, and fairness. From our business model to our culture, we live our values to the extreme, whether we’re dealing with employees, retail partners, or consumers. We believe that happiness is the highest level of success and we want every person that crosses paths with Jet to achieve it. If you’re an ambitious, smart, natural collaborator who likes taking risks, influencing, and innovating in a challenging hyper-growth environment, we’d love to talk to you about joining our team.
About the Job
The Information Security Compliance Manager will be responsible for demonstrating Jet’s commitment to security and privacy within the company and to external parties by driving Jet’s continued compliance efforts with external and internal requirements. This includes maintaining the security controls required by PCI, ISO 27001, and other regulatory compliance frameworks.
This role’s responsibilities include:
- Support the identification, implementation, and maintenance of security controls required by PCI, ISO 27001, and other regulatory compliance frameworks in a collaborative manner that supports Jet’s business and growth objectives
- Participate in the development and oversight of required corrective action plans relating to security compliance issues
- Support security assessments, develop mitigation plans, and work with internal stakeholders to assign responsibility
- Establish and manage the security risk assessment for new and ongoing projects, advise on architectures, security, and mitigating controls.
- Understand technical implementation details necessary to assess and design practical security controls
- Partner with team members and cross functional groups to ensure programs align with compliance requirements
- Assist with responding to external requests inquiring about Jet’s security program
- Promote security compliance internally while maintaining Jet’s core values of transparency, fairness and trust
- Experience with PCI Compliance, preferably as an active Internal Security Assessor (ISA) or Qualified Security Assessor (QSA)
- Deep understanding of PCI Data Security Standards or security frameworks such as ISO 27000 Series, NIST, etc.
- Experience in performing information security risk assessments
- Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication, and security controls
- Strong understanding of most of the following common security compliance frameworks, controls, and best practices: AICPA Trust Principals (SSAE 16 - SOC 2 and 3), OWASP Top 10, SANS CIS Critical Security Controls, regulations governing personally identifiable information (PII), and other applicable regulatory compliance frameworks
- History of successful engagements with external auditors for various compliance audits
- 8 - 10 years of experience in information security, preferably in the audit & compliance related field
- In-depth understanding of network and system security technology and practices across all major-computing areas
- Security certifications desired such as CISA, CISSP, CISM, CRISC, ISO 27001 etc
- Knowledge in cloud computing security environments such as Azure preferred
At Jet, our goal is to reshape the landscape of e-commerce forever and make a lasting difference in people’s lives.
Want to learn more about Jet? Visit https://jet.com
Jobs You May Like
Manager, Customer Operations
Squarespace, Dublin, IE
Product Help Content Writer
GitHub, Remote- US
National Account Executive
Yelp, San Francisco, CA
Etsy, Brooklyn, NY
Senior DevOps Engineer (AWS)
Weedmaps, Irvine, CA, United States
Senior Manager Partner Marketing - Italy
Netflix, Amsterdam, Netherlands