CorelCyberSec
Viewer

Global Risk Security Analyst

Corel is all about breaking convention to achieve exceptional things. We’re the people behind the world’s leading software and we’re obsessed with finding new ways to harness the creativity of our customers and our employees. We’re a talented, eclectic, and eccentric group that makes coming to work every day worth your while. This is not your typical tech team. We also have a healthy respect for work-life balance – so you can leave work at work.

 

We’re looking for a senior analyst or manager in the field of Governance, Risk, and Compliance (GRC) to bring our security practices to the next level.

You will report to our Global Business Operations and lead the company to achieve SOC 2 Type 2, ISO 27001, and other relevant industry compliance certifications. Additionally, you will help with GDPR compliance, improve security best practices among the engineering and research teams, and improve security knowledge within the company.

Responsibilities

  • Work with the IT and engineering teams to ensure common vulnerabilities and exploits (CVEs) are resolved promptly by the engineering teams
  • Create, track, and report GRC metrics to the leadership team
  • Develop roadmaps for and achieve compliance for Corel hosted products on SOC 2 Type 2, ISO 27001, and others
  • Own the documentation for standards, policies, and processes for sales collateral and internal distribution
  • Manage audits and assessments with internal and external stakeholders
  • Handle compliance and audit requests in conformance with GDPR for EU customers and employees
  • Serve as the IT compliance subject matter expert to the business

 

Qualifications

 

  • 3+ years of program/project management experience
  • 3+ years of functional knowledge of the TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools
  • 3+ years of functional knowledge of Unix and Windows server operating systems  
  • Extensive knowledge of GRC best practices for SaaS organizations
  • Successful delivery of compliance for a SaaS product to one or more security standards (SOC 2, ISO 27001, and NIST 800, for example)
  • Familiarity with security standards and US and EU privacy laws (HIPAA, CCPA and GDPR)
  • Experience delivering on multi-stakeholder projects
  • Familiarity with SaaS architectures, software development, and deployment to cloud providers
  • Active CISSP, CISM, SANS or other industry-recognized equivalent security certification is required
  • Active CISA, GRCA, GRCP or other industry-recognized equivalent audit or compliance certifications are required or must be willing to obtain within the first year of employment.

 

Preferred Qualifications

 

  • Experience or certifications related to non-IT disciplines such as PMP, ITIL or Six Sigma
  • Experience with Agile and DevOps methodologies
  • Oral and written communications skills to enable effective and meaningful information exchange between technical and non-technical people across multiple levels of organizational structure

 

About Corel  

 

Corel products enable millions of connected knowledge workers around the world to do great work faster. Offering some of the industry's best-known software brands, we give individuals and teams the power to create, collaborate, and deliver impressive results. Our success is driven by an unwavering commitment to deliver a broad portfolio of innovative applications – including CorelDRAW®, MindManager®, Parallels®, and WinZip® – to inspire users and help them achieve their goals.  

 

It is the policy and practice of the Company to offer equal employment opportunities to all qualified applicants and employees without regard to race, color, age, religion, national origin, gender, political affiliation, gender orientation, marital status, disability, veteran status, genetics, or any other protected characteristic.

1 Reply
bighaaaas
Viewer

Greetings, this sounds like an interesting position. Where is it located? I live in the Washington, DC area. How do I send you my resume???
Thanks,
Hassan