Cyberseurity Controls Assurance Senior Manager

Heredia, Heredia Province, Costa Rica

Apply with AI Apply

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Information Services, BiotechnologyIndustries

Requirements

Candidates must possess a Bachelor's degree in computer science, management information systems, or equivalent experience, with at least 3 years of management experience overseeing IT auditors or Information Security control assessors. A minimum of 12 years in IT Audit or Information Security control assessments, including cloud security controls, is required, along with professional certifications such as CISA, CISM, CISSP, or ISO 27001 Lead Auditor. Proficiency in standards like NIST 800-53, ISO 27001/27002, CIS Controls, and COBIT is essential, as is experience with both automated and manual methods for evaluating on-premise and cloud security controls. Familiarity with security tools like Sailpoint, Rapid7, Wiz.io, MS Defender, cloud security in AWS and Azure, automation techniques, generative AI for control assurance, RSA Archer, ServiceNow, Kanban boards, and Jira is also expected. Experience as a Big 4 consultant and a strong understanding of cybersecurity principles are desired.

Responsibilities

The Information Security Control Assurance Manager will lead a team in evaluating security controls for on-premise and cloud processes to mitigate risks and ensure regulatory compliance. This role involves directing the team in testing security controls for design, implementation, and operational effectiveness within an Agile environment. Key responsibilities include overseeing the information security control testing program, managing testers, designing repeatable testing methodologies with automation for cloud environments, and planning control tests with detailed criteria. The manager will ensure quality assurance for control testing documentation, compile management reports on risks and deficiencies, serve as the primary contact for control tests, and improve the efficiency of the control testing program through standardization. Additionally, the role includes mentoring junior team members and reporting on security posture and control effectiveness to senior management.

Skills

Information Security

Control Assurance

Risk Mitigation

Regulatory Compliance

Security Control Testing

Cloud Security

Agile Environment

Automation

Quality Assurance

Expedia

Travel booking platform for flights, hotels, rentals

About Expedia

Expedia Group operates in the travel industry, offering a wide range of services for travelers and travel-related businesses. It connects users with options for flights, hotels, car rentals, vacation packages, and activities through its various brands, including Expedia, Hotels.com, and Vrbo. Travelers can easily find and book trips that match their preferences and budgets. The company earns revenue primarily through commissions on bookings and advertising from travel service providers looking to promote their offerings. Additionally, Expedia Group supports its partners by providing access to valuable data and technology, helping them improve their operations and grow their businesses. The goal of Expedia Group is to create a seamless travel experience for users while maximizing the potential of its partners.

Bellevue, WashingtonHeadquarters

1996Year Founded

$3,277.3MTotal Funding

IPOCompany Stage

Consumer Goods, EntertainmentIndustries

10,001+Employees