About Us

Atmosera is a multiple Gold Level, Azure Expert MSP and a Microsoft Partner of the Year winner, delivering full, lifecycle application development; mission critical Azure architecture design and implementation; managed Azure services (apps, infrastructure, and InfoSec); Data & AI solutions; and advanced training for developers and cloud engineers. We bring Solution Enablement together with Solution Management and Solution Upskilling & Training to deliver the full continuum of value from digital transformation. Our focus is on Azure, our clients are around the world.

Our Next Great Team Member

We are looking for an Information Security Compliance Officer responsible for proactively managing Atmosera's technology compliance programs while working with our clients to provide compliance support for Atmosera activities that fall within scope of their compliance requirements

What You'll Accomplish

In this critical role, you will be responsible for ensuring the organization, documentation, and integrity of all compliance and security controls to meet our compliance requirements. You will work closely with the Atmosera InfoSec team and the overall Leadership team to ensure Atmosera is operating appropriately within our compliance frameworks and that accurate evidence is producible and transparent to auditors and clients. You will also work with our clients relative to demonstrating that our processes, procedures, controls, and measures support a valid and comprehensive compliance posture based on several frameworks. Ultimately, this position will lead the creation of a Compliance Practice within Atmosera supporting a commercial focus and expansion of our professional services capabilities.

The Skills You'll Need

• Experience with HIPAA/PCI, SOC II Type 2, IRS 1075, and several FedRAMP SSPs including prioritizing and leading the organization of a world-class compliance program, conducting trainings, policy creation, and implementation and oversight of proper controls.
• Ownership of the development & implementation of security compliance policies that govern Atmosera's business operations, third party relationships, privacy, business continuity, and other business activities.
• Ownership and steward the company security training program.
• Serve as the point contact with auditors and 3rd parties during technical audits.
• Proven ability working with audit organizations navigating differences in interpretation of standards.
• Ability to collaborate with the InfoSec, Engineering, ClientOps, and Corporate IT teams to mitigate compliance risks and harden the company's overall risk posture.
• Collaborate with the legal and HR teams to integrate information security compliance policies into the broader set of compliance standards for the company.
• Ability to Develop and Maintain incident response procedural playbook.
• Produce & maintain compliance metrics & prioritize activities.
• Knowledge of Cloud Security, Microsoft Azure security & monitoring.
• Experience securing APIs and managed infrastructure from cyber exploitation & attack.
• Knowledge of Security Across Multi-Vendor Platforms.
• Experience working in a startup or fast-paced environment
• Experience with ethical hacking.
• Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), GIAC Certified Incident Handler, (GCIH), Certified Information Privacy Technologist (CIPT).
• Software development, IT/System administrator, cloud provisioning, cyber security analysis experience.
• Strong awareness of cybersecurity trends and hacking/exploitation techniques.
• Strong interest in securing cloud environments.
• Team player; works well with others; can build trust with external clients.
• A proven people leader with experience in building effective and high performing teams.

Qualifications

• Degree in business IT, systems engineering, information systems, computer science, or other degree.
• 5+ years of work experience in IT Compliance, PCI/SOC Auditing, incident response, CMMC, CIS, NIST and/or ISO 27001 standards.
• Familiarity with SecOps concepts & best practices.

Perks & Benefits

• Health, vision, dental package including options for 100% paid employee coverage
• 401k with generous matching
• Company paid Life, AD&D, Short- and Long-Term Disability
• Performance-based compensation with bonus potential in addition to salary
• Employee Recognition and Reward Programs
• Community Service Leave

This is a full-time position in the United States with the ability to work from home, or from one of our many US offices if local.

Atmosera is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. All employment is decided on the basis of qualifications, merit, and business need.