The future of work is flexible, and so is OneSpan. Our teams have proven that they are able to achieve their goals together while being apart throughout the global pandemic, and we are embracing work flexibility. Many positions and locations will provide you with the choice of in office work, distributed or hybrid. We collaborate with each employee to develop their preferred work environment.
OneSpan is looking for an Information Security Advisor to complete its Trust and Compliance team.. The Information Security Advisor will be involved in the continuous improvement of the company’s security and privacy compliance posture through taking an active part in security and privacy-related audits, assessments, certifications and compliance initiatives. This includes helping ensure the company’s SaaS offerings meet and operate according to security and privacy company policies, customer commitments, contractual, legal and regulatory requirements, as well as adopted security and privacy-related frameworks (e.g. ISO 27001, SOC 2, HIPAA, etc.). Working with R&D and Operations teams, the Information Security Advisor will ensure that the required administrative, technical and physical controls are identified, documented, implemented, maintained and periodically tested to ensure they operate effectively and efficiently across multiple product lines. Additionally, as a subject-matter expert, the Information Security Advisor will support the sales process by responding to customer due diligence inquiries, addressing security questions and concerns about the company’s products and services.
- Actively partake in compliance and certification initiatives by defining, implementing and documenting required controls as well as monitoring and reporting on their continuous operating effectiveness
- Develop, monitor and report on action plans for identified security and compliance issues
- Act as liaison with external auditors, assessors and customers on ongoing compliance and audit initiatives
- Support the sales process by working with business analysts, pre-sales engineers and technical account managers in responding to customer security, privacy and compliance questions
- Collaborate with product management, product owners, R&D, operations and project teams on the definition and implementation of security, privacy and compliance controls for our products and services
- Advise technical teams on implementation of controls to meet security best practices
- Support R&D and Operations teams in the identification and correction of any vulnerabilities or security issues identified in our products and services
- Participate in the development, review and implementation of various security policies, standards, guidelines and processes
- Contribute to risk management and vendor risk management processes
- Bachelor’s degree in Information Systems, Computer Science, Information security or equivalent
- Minimum of 5 years of cumulated hands-on security, audit and compliance experience
- Professional certifications in the security, risk management and audit areas highly desirable: CISSP, CRISC, CISM, CISA, etc.
- Ability to understand and translate business needs and compliance requirements into actionable technical and administrative controls
- Keen attention to detail
- Excellent communication & documentation skills
- Strong command of the English language
- Demonstrated initiative
- Ability to plan and deliver on commitment
- Strong problem-solving and decision-making skills
- Field experience in security and/or privacy audits and/or compliance initiatives
- Experience in regulated industries
- Experience with information security frameworks such as SOC 2, ISO 27001 NIST 800-53, NIST CSF
- Familiarity with GDPR, FedRAMP, HIPAA, PIPEDA and other security and privacy-related laws, regulations and frameworks.
- Experience in a SaaS environment
We offer you the opportunity to be part of a world of trusted digital interactions and agreements.
You hold significant responsibility and accountability; your work makes an impact. We move quickly to stay on top of the latest technology and industry trends, which inform and help your work. If you want to join a team that helps organizations to accelerate their digital transformations by enabling secure, compliant, and refreshingly easy digital customer agreements and transactions, we like to meet you!
We know it takes people with a diversity of perspectives, ideas, and culture to make our company succeed. We are committed to building a community of belonging and meaningful connections. Likewise, we also believe that hiring the best talent will lead to the creation of better products and services.
OneSpan is an Equal Opportunity employer, for more information please visit our Privacy Center.