Trimble Inc.

Cybersecurity GRC – Compliance Analyst

full-time

Location Type: Remote

Location: Colorado, United States

Salary

💰 $85,900 - $118,100 per year

About the role

  • Perform SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701 and ISO 42001 gap analyses and recommend process, procedural, documentation and tooling changes to remediate the gaps.
  • Improve compliance and certification scope efficiency by reviewing and enhancing the Trimble Common Control Framework.
  • Perform ISO 27001 & ISO 27701 Internal Audits.
  • Perform SOC 1 & 2, NIST 800-171 Internal & External Audits.
  • Contribute to annual policy revisions and maintenance of the IMS.
  • Constantly coordinate with key business stakeholders and the external auditor.
  • Present metrics derived from the Integrated Management System, audit results, trends in risk, and corrective action plans to senior leadership.
  • Contribute to the creation of processes and procedures that increase efficiency of the overall compliance program across all standards and frameworks.
  • Collaborate with Cybersecurity team members and Trimble businesses across various geographies.
  • Contribute to risk management processes to ensure business risk posture is properly calculated and proactively managed.
  • Produce and analyze information that will accurately demonstrate the risk posture of each business and drive actions to reduce and manage technical risks.
  • Be able to understand and communicate technical risks to a broad set of stakeholders.

Requirements

  • Preferably a relevant degree in Data Science, Computer Science or Engineering (Software or Electrical)
  • Current general security certifications (e.g., SEC+, GSEC) encouraged but not required
  • ISO 27001 Certified Internal / Lead Auditor and/or equivalent experience
  • 2 years' experience working with SOC 1 & 2, NIST 800-171, ISO 27001, ISO 27701
  • Proficiency in English (written and oral)
  • 2 years' experience in a risk management role, information security role or systems engineer/administrator role in a large, international software company
  • Hands-on experience with business and GRC tools such as: Jira Service Desk
  • Demonstrated experience in collecting information from disparate data sources and formulating into reports that can be presented to various audiences
  • Intermediate level experience with Windows and Linux/Unix operating systems
  • Intermediate level cloud knowledge within AWS, Azure and GCP
  • Intermediate level scripting knowledge and experience of Splunk and creating queries
  • Experience using AI to reduce manual processes and procedures
  • Excellent analytical, problem-solving and decision-making skills

Benefits

  • Medical
  • Dental
  • Vision
  • Life
  • Disability
  • Time off plans
  • Retirement plans
  • Paid Parental Leave
  • Employee Stock Purchase Plan

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
SOC 1, SOC 2, NIST 800-171, ISO 27001, ISO 27701, risk management, scripting, data analysis, technical risk assessment, GRC tools
Soft skills
analytical skills, problem-solving, decision making, communication, collaboration, stakeholder management, policy revision, process improvement, presentation skills, efficiency enhancement
Certifications
ISO 27001 Certified Internal Auditor, ISO 27001 Lead Auditor, SEC+, GSEC