Position Requirements:
The successful candidate will be working in a team to define, implement, and manage the ISO 27001 security program to achieve certification, including but not limited to:
- Prepare and maintain cybersecurity policies, standards, processes that tailored to both ISO 27001 and SOC2;
- assess, identify, and document cybersecurity risk that may impact business, then provide appropriate risk treatment options for identified risks;
- work with 3rd party vendors to assess their cybersecurity and technology risk;
- educate and promote cybersecurity policies, standards and processes;
- Collect evidence to ensure compliance with ISO 27001 controls and facilitate external audits and internal reviews;
- monitoring, managing and closing existing compliance issue while also ensuring that internal system is compliant with security standard;
- Conduct research to maintain and expand knowledge on the latest cybersecurity technologies and standards;
- Support GRC vendor due-diligence process and help to lead and define overall third party risk management efforts.
Qualification:
- BS/ BS or advanced degree preferred
- Experienced of leading and maintaining an ISMS as part of an ISO 27001 certified program for at least 4 years.
- has some experienced in GRC related works
- Holder of ISO 27001 LA certification or relevant certification
- Strong knowledge of security standards and frameworks, preferable with SOX, SOC 2, FedRAMP, NIST, OWASP
- Good knowledge of privacy standards and guidelines, preferable with GDPR, SCC, ISO 27701,
- Problem-solving and project management skills
- Ability to work both effectively individually and within a team.
- Good technical writing, documentation, and communication skills
- English and Mandarin - professional working proficiency
美商浪橋科技股份有限公司_Splashtop Inc. 於2006年成立於美國矽谷,在台灣、中國與日本設有分公司與研發團隊。核心團隊來自MIT,並且募集資金超過15億新台幣,投資股東有來自中美台各科技龍頭。我們的產品得到許多獎項並進入量產,擁有穩定的訂單及大量忠實的客戶。