Cybersecurity Compliance Specialist

We are seeking a Compliance Security Specialist to join our team. As a key member of our security delivery team, you will be responsible for assisting vCISOs in executing elements and projects within a security program.

The ideal candidate will have 1-2 years of experience in security technologies, information security, business resilience, technology risk or related fields. They will also have external-facing client experience and be able to work independently and with teams to identify and resolve challenges and overcome roadblocks.

• About Us:
• Innovative solutions for cybersecurity at scale.
• We believe small businesses are the engine behind innovation and growth.
• Understanding customer challenges enables us to design scalable cybersecurity services that support secure growth.

1. Execute Security Program Elements: Assist vCISOs in executing elements and projects within a security program, such as risk assessments.
2. Tailor Security Policies: Work directly with clients to understand their operations and tailor security policies and procedures that fit their organization.
3. Security Education Expertise: Serve as subject matter expert of Kobalt's security education platform.
4. Phishing Tests: Design and deploy phishing tests to clients regularly.
5. Compliance Audit Readiness: Provide compliance audit readiness support as required.
6. GRC Platform Management: Provision, implement, and manage Vanta, or a similar GRC platform, for clients.
7. Process Automation: Build new tools and techniques to compress human-intensive tasks into work that can be achieved in a fraction of the time.
8. Document Best Practices: Document best practice procedures for commonly used technologies for the standardization of deployment.
9. System Misconfigurations: Identify system misconfigurations and draw up recommendations for clients, and assist where necessary.
10. Collaboration: Collaborate with team members to assist with improvements, discovery, and production of creative and insightful security use-cases.
11. Metric Tracking: Capture regular metrics highlighting key activities, measurable accomplishments, and blockers.
12. Service Offerings: Support the design and development of Kobalt's service offerings through insightful feedback and a positive attitude as a contributing member of our security delivery team.
13. Knowledge Base Articles: Help drive improvements in our best-in-class security services through the creation of knowledge-base articles and services documentation.
14. Customer Engagement: Respond to and engage our customers through our ticket system, chat, email, phone, or other mediums as required.

• Experience: 1-2 years of experience in security technologies, information security, business resilience, technology risk or related fields.
• External-Facing Experience: External-facing client experience.
• Communication Skills: Ability to communicate effectively, both verbally and in writing, with clients and internal audiences.
• Domain Knowledge: Understanding of cybersecurity domains, including Security Operations (on-premise and cloud), Security Engineering, Information Risk Management, etc.
• Secure Best Practices: The ability to articulate secure best practices of various aspects of information risk management in the context of people, processes and technology.
• Report Writing: Emphasis on spelling, grammar, word usage, and the ability to write a summary that answers the who, what, where, when, how, and, to the best of your ability, why.
• Strong Communication Skills: Be able to perform summarization and commonality detection and 'connect the dots' so that a group of facts is turned into contextual information. Then take that contextual information and determine if it proves your hypothesis right or wrong.
• Adaptability: Ability to quickly learn and adapt security best practices to a wide variety of technologies in use by clientele.

• Intermediate Coding/Scripting Skills: Intermediate coding/scripting skills to help automate processes and scale implementation efforts.
• Technical System Access Controls: Familiarity with technical system access controls, how to apply them, and what benefits are gained from controls.
• On-the-Job Training: Ability to provide on-the-job training and knowledge sharing to other team members.
• Solid Sense of Integrity: Solid sense of integrity and identification with the mission.
• Intuition and Problem-Solving: Strong intuition and ability to think 'outside the box'.
• Attention to Detail: Attention to detail while seeing the bigger picture.

• Competitive Salary and Benefits Package: Competitive salary and benefits package.
• Flexible Work Arrangements: Flexible work arrangements.
• Professional Development Opportunities: Professional development opportunities.
• Fun and Inclusive Company Culture: Fun and inclusive company culture.