Security AuditorAre you interested in helping shape the security of the Internet we all depend on? Are you interested in learning about or contributing to new security policies months or years before being used in every browser? We are looking to add a Security Auditor to our growing team. We are in the Upper Kirby area just a few minutes from I-45. The digital certificate products in our suite of services include SSL/TLS, SMIME/email, code, and document/object signing, client authentication, and IoT (Internet of Things). SSL.com is a voting member of the CA/Browser Forum and the Cloud Signature Consortium and as a result every team member at SSL.com is valued and provides a positive impact on Internet security in general. We regularly interact with the titans of the Internet such as Google, Amazon, Mozilla, Cisco, Microsoft, Oracle, etc…
Objective:To look at the present and past activities to provide assurance that all activities have been carried out according to set policies and procedures. Security Auditors create value to SSL.com by assessing its adherence to the applicable requirements, identifying possible discrepancies or areas for improvement, analyzing root causes behind facts, and making recommendations. Their stabilizing role is also valuable for the security, reliability, and quality of the SSL.com products and services, thus for customers and relying parties.
Skills we are looking for include:
- Verbal and written fluency in English.
- Ability to read, interpret and comprehend complex documents such as contracts, standards, policies, processes, and procedures.
- Experience in methodologies, concepts and tools to audit IT systems and information security management systems.
- Objectivity, sound judgment and fair assessment/decision making.
- Attention to the details and nuances of policies, standards and processes.
- Commitment to tasks, persistence in overcoming obstacles and dependability in difficult circumstances to get results.
- Good human and communications skills to collect the information required, engage subject matter experts, and drive the audit process.
- Analytical ability to identify the different aspects of each issue, deepen the analysis in critical areas, and extract essential information and conclusions.
- Proficient working knowledge of information technology concepts, practices, terminology, and standards, with ability to actively conduct and/or engage in discussions relative to all assignments. This also includes demonstrated ability to document technical matters and/or or complex concepts in a manner that is meaningful to the intended recipients.
- Knowledge of PKI concepts, Trust Services, Certification Authorities and/or Root Store Programs a plus.
Education requirements and work experience include:
- Bachelor’s Degree in Information Technology, Computer Science, or an equal amount of experience in the related field.?
- Two or more years of business experience in Information Security /IT auditing.
Nice to have (preferred):
- Certification such as Webtrust Auditor, ETSI Auditor, CISA, CCAK, ISO 27001 Lead Auditor
- Any relevant licenses and/or certificates?(e.g., CISSP, COBIT, ITIL, CDPSE)