Work with McAfee


Information Security Specialist - Security Compliance

Location: Plano, TX US
Other Location(s): California, Santa Clara
Job Id: JR0007860
Job Category: Information Technology

Job Description

McAfee is currently seeking a Compliance Program Manager to join its growing Information Security Governance, Risk & Compliance Team.  The Compliance Program Manager will manage program and tactical activities related to McAfee compliance with key regulations and standards partnering with InfoSec, IT & Business Unit teams.  This is a full-time opportunity in the Plano, TX area.

  • Develop a roadmap for compliance programs and initiatives from initiation, through execution and delivery, to measuring and reporting
  • Document compliance requirements and areas of exposure; analyze and technically assess applications/systems to prepare teams for audit and certification assessments and annual review
  • Work closely with key Business Units (e.g. IT, Legal, Finance, Architecture, Product, Engineering) to align and establish compliance requirements, policies, and standards
  • Partner closely with GRC Risk Management to streamline compliance activities based on core security controls framework
  • Create metrics to track and manage the program’s consistency and effectiveness against strategic goals and roadmaps
  • Understand how our internal partners’ and stakeholders’ teams operate to support prioritization and deliver efficient and high-quality compliance solutions that directly support enterprise Risk Management goals and objectives
  • Proactively maintain awareness of domestic and global compliance changes that have direct impact on McAfee’s environment
  • Manage and work closely with cross-functional and globally dispersed teams on their commitments, milestones, resource allocations, and deliverables
  • Recognize and escalate up and downstream impacts to stakeholders
  • Effectively communicate objectives, project milestones, status, and dependencies in a timely manner to team members, stakeholders and management; provide a clear and consistent program status report to all stakeholders
  • Foster a high-performance, risk-managed, compliant culture within IT by evangelizing the importance of risk-managed solutions and supporting disincentives for non-compliance
  • Proactively identify gaps or conflicts in existing processes and work to develop solutions with various groups
  • Assist with remediation of control deficiencies and gaps identified during the audit process
  • Support the education and training of process / control owners so they better understand technology control frameworks and their responsibilities
  • Facilitate open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans.

Education and Experience

  • Bachelor's degree in Computer or Management Information Systems, Computer Engineering, Accounting, Finance, or other related field or seven (7) to ten (10) years of equivalent, relevant work experience at a management level. 
  • Seven (7) to ten (10) years program management, risk management, internal controls, security audit, control framework/compliance, information security, and/or technology process experience. 
  • PMP, CISM, and/or CISA certification preferred. Experience with compliance and/or control framework design and implementation preferred. 
  • Experience delivering SOX, FedRAMP, FISMA, GDPR, ISO 27001, PCI DSS compliance programs preferred.
  • Experience with Service Organization Reports (SSAE-16, SOC 1, SOC 2, SOC 3, AICPA Trust Services Principles) preferred.

Knowledge, Skills and Abilities

  • Knowledge of NIST 800-53, COBIT, COSO, ISO 27001, PCI DSS, NIST, FISMA, and Sarbanes-Oxley legislation and impact, and other regulations.
  • Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information. 
  • Solid understanding of industry best practices and standards for Risk and Compliance. 
  • Demonstrated facilitation and tactical project management skills. 
  • Excellent verbal and written communication skills. 
  • Good understanding of business process controls. 
  • Attention to detail and ability to implement. 
  • Excellent planning, time management, and follow-through skills.

