Security Engineer, Third Party Risk

See more jobs from Datto Inc

about 4 years old

This job is no longer active

As the world’s leading provider of cloud-based software and technology solutions delivered by managed service providers (MSPs), Datto believes there is no limit to what small and medium businesses can achieve with the right technology. Datto offers Unified Continuity, Networking, and Business Management solutions and has created a one-of-a-kind ecosystem of MSP partners. These partners provide Datto solutions to over one million businesses across the globe. Since its founding in 2007, Datto continues to win awards each year for its rapid growth, product excellence, superior technical support, and for fostering an outstanding workplace. With headquarters in Norwalk, Connecticut, Datto has global offices in the United Kingdom, Netherlands, Denmark, Germany, Canada, Australia, China, and Singapore. Learn more at datto.com.

As a trusted and empowered member of the CISOs staff, you will go out into the organization and identify opportunities for security improvement and organize change. You will oversee efforts that push the enhancement of organizational and engineering security controls and processes. You will assure the achievement of important outcomes through these efforts. 

Your role as part of the information risk management team will be to determine the risks related to third party products, services, and manufacturing partners in support of the risk management practices at Datto. Additionally, this role will be responsible for leading and expanding the current program and processes requiring navigation across the product, engineering, and corporate business areas.  Business engagement is expected in the following areas:

 

  • Conduct due diligence of third party products, services, and manufacturing partners
  • Identification of technical and business security controls, communication of gaps, and mitigation approaches
  • Develop and manage processes in support of third party risk management objectives
  • Continuously monitor intelligence sources related to existing vendors
  • Ad-hoc analysis of business critical activities and decisions 

 

 

About You:

 

  • Ability to work collaboratively and lead discussions to successful outcomes. 
  • Bachelor's degree in Computer Science, Engineering or equivalent IT work experience
  • Three (3) or more years of experience in a role with Information Security GRC responsibilities
  • Two (2) or more years of experience focusing on supply chain management is highly desirable. 
  • Experience designing, implementing and managing security controls and processes
  • Experience with information security frameworks (e.g., ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust Principles, PCI DSS, NIST 800-53/CSF)
  • Experience with open source technologies and environments

 



Note: We are looking only for candidates willing to join us directly as W2 employees (No 3rd party candidates)

Benefits:

  • At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including: 

Summary of benefits not showing up? View a summary here: Datto Benefits

By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited. We collect and store your data in accordance with our Recruiting Privacy Practices.

Datto is an equal opportunity employer.