Manager, Security and Compliance

Data Blend, a specialized iPaaS software company focused on financial system workflows, is looking for aroll-upyour sleeves person with a can-do attitude tojoin ourgrowingteam as aManager, Security and Compliance. This will bea critical role looking to enhance and transform the quality of our Security and Compliance function with a tremendous amount of growth potential at both Data Blend and our parent company eOne Solutions.

So, if you want to joinaproven product company that is still scaling and are ready tohave a big impact and work to expand our product’s capabilities, please submit your resume  .

Reporting directly to the Senior Director of Product and Chief Information Security Officer (CISO), the Manager, Security and Compliance responsibilities will include, but not be limited to:

• Working closely with the CISO and executive team to set a security strategy that is closely aligned with Data Blend and eOne Solutions business goals.
• Supporting information security and third-party audits as required (i.e. SOC2, ISO 27001, customer questionnaires, etc.)
• Supporting the development and rollout of products and services with embedded security and resiliency.
• Establishing and fostering a cyber-aware culture.
• Building customer facing messaging that establishes security and compliance as a differentiator.
• Conducting periodic risk assessments to proactively identify and remediate risks.
• Maintaining and optimizing programs to enable frictionless security and compliance.
• Managing the development, approval, training, and implementation of policies, procedures, standards, controls, and guidelines.
• Developing and providing annual training to all workforce members of established policies and procedures as necessary and appropriate to carry out their job functions and documents the training provided.
• Ensuring appropriate role-based access is provided to all users.
• Overseeing and enforcing all activities necessary to maintain compliance and verifying the activities are in alignment with the requirements.
• Facilitating audits (internal and external) to validate compliance efforts throughout the organization.
• Receiving, investigating and documenting reports of security or policy violations.
• Collaborating with Dev Ops and other operational teams to ensure security standards are met.
• Managing suite of security and compliance tools to ensure that vulnerabilities/risks are identified and timely queued for remediation. Advise on and track issues through Remediation.
• Monitoring security and compliance reports and JIRA security and compliance board to ensure that all reported issues are promptly and appropriately actioned.

• Track record of building relationships with internal and external stakeholders
• Experience with SOC 2 Type II audits (preparation, evidence gathering, remediation)
• Working knowledge of ISO 27001:2022 standards and certification process
• Experience developing and maintaining security policies and procedures
• Demonstrated ability to conduct internal audits and manage findings
• Experience conducting security assessments and risk analysis
• Experience with vendor security assessments and third-party risk management
• Understanding of data privacy regulations (GDPR, CCPA, HIPAA where applicable)
• Practical knowledge of security tools (SIEM, IDS/IPS, vulnerability scanners)
• Knowledge of cloud security practices (AWS or Azure)
• Familiarity with security frameworks (NIST, CIS Controls, etc.)
• Knowledge of software development lifecycle (SDLC) security

• BS and/or MS in a technical discipline
• Experience with log management and analysis tools (Cloud Watch, Guard Duty, etc.)
• Experience with access control management and identity governance
• Hands-on experience with security monitoring and incident response
• Understanding of network security principles and monitoring
• Familiarity with vulnerability management programs and patch management
• Basic scripting or automation skills (Python, Power Shell, or similar) preferred
• Experience with configuration management and security hardening
• Certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, or similar

Data Blend, an eOne Solutions Company, has offices in Austin, TX, Fargo, ND, and Stowe, VT. Remote work is an option, but being near one of our offices is preferred.

$90,(based on experience)

Data Blend values the array of backgrounds, talents, and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to actual or perceived race, religious creed, color, national origin, ancestry, physical or mental disability, medical condition, genetic information, marital or familial status (including registered domestic partnership status), sex and gender (including pregnancy, childbirth, lactation, and related medical conditions), gender identity and gender expression (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the…