The security GRC team broadly covers security, compliance, risk management, privacy and data protection. Given the WSO2 footprint across all regions and over a 100 countries, this has become critical for the business, and, as a result, gives much needed confidence to our customers and regulators.
The team consists of well rounded security professionals that have the unique ability to translate requirements between highly technical teams, business/sales teams, and senior leadership. Not only does this team play a role in our daily operations but they also weigh in on strategic and business decisions.
What You’ll Learn:
- Hands-on exposure to ISO, PCI-DSS, SOC 2, and other globally recognised certification and attestation programs.
- Understanding on how audit controls are designed, executed, and evidenced.
- Supporting external audits and evidence gathering across multiple teams.
- Understanding risk management methodologies and managing risk registers across multiple product offerings and business units.
- Planning and tracking security and compliance activities across multiple business units via dashboards and follow-ups.
- Principles and concepts relating to data privacy and data protection.
- Global regulations and concepts on data privacy and data protection and how they can be applied in real-life scenarios.
- Understanding of third-party and supplier risk management, including security assessments, compliance reviews, and ongoing monitoring of vendors and sub-processors.
- Collaboration with legal, risk, engineering, product, and operations teams to embed security and privacy requirements into business processes and product development lifecycles.
- Development of skills to translate technical and regulatory requirements into business-friendly guidance for diverse stakeholders.
- Learning how to balance regulatory compliance with business agility and operational efficiency, using a risk-based and pragmatic approach.
- Building strong foundations for professional certifications and long-term career growth in cybersecurity governance, risk, compliance, and data protection.
Key Requirements:
- Pursuing a degree in Cybersecurity or equivalent.
- Basic understanding of technical compliance requirements and standards.
- Interest in technical troubleshooting, technical documentation, and project management.
- Ability to multi-task across multiple initiatives and teams.
- Strong interpersonal skills to communicate requirements and findings across multiple functional teams.
- The drive to excel and a never-give-up attitude.
- Curiosity and eagerness to learn and explore.
- Ability to work both independently and collaboratively in a fast-paced environment.
- Basic familiarity with documentation tools, spreadsheets, and collaboration platforms (e.g., Google Workspace, Github) is an advantage
Generating Apply Link...
