Manager/Sr Manager – Information Security

The ERUDITUS group is a leader in the $280 billion global professional education market. In the last fiscal year, the group enrolled 30,000 students from across more than 80 countries in courses delivered in collaboration with university partners such as MIT, Columbia, Harvard Business School, INSEAD, Tuck at Dartmouth, Wharton, UC Berkeley and London Business School. The ERUDITUS group expects to increase its enrolment by more than 200% in the coming fiscal.

EMERITUS offers professional education courses in collaboration with top-ranked universities: MIT, Columbia, Tuck at Dartmouth, Wharton, UC Berkeley and London Business School. Using technology and curriculum innovation, EMERITUS enables working professionals who cannot enroll in full-time courses to access a top-tier, affordable education that will give them the skills needed to be the business leaders of tomorrow. EMERITUS’ global team includes 500+ employees located in Boston, Dubai, Mexico City, Mumbai, New Delhi and Singapore.

Responsibilities:

  • Build, deploy, maintain, and enforce information security risk management standards, policies, and procedures to maintain and enhance the compliance posture within RapidAPI
  • Lead customer, partner, and vendor InfoSec audits and risk assessments, communicate results to information security stakeholders or business partners, and ensure remediation of outstanding issues
  • Perform internal risk assessments and analysis to identify opportunities to improve risk posture, and develop solutions for remediating or mitigating risks and assessing residual risk
  • Anticipate new security threats and stay-up to date with evolving industry, regulatory, and legal requirements relevant to security, compliance, and privacy
  • Monitor security vulnerabilities, threats, and events in network and host systems
  • Develop strategies to handle security incidents and coordinate investigative activities to promote a culture of information security throughout the organization, providing subject matter expertise, guidance, and training
  • Prepare financial forecasts for security operations and proper maintenance cover for security assets
  • Prioritize security projects based on costs, benefits, resources, and alignment with business goals
  • Execute regular Information Security Audits to ensure compliance with existing Information Security policies and identify areas for improvement

Qualifications/Skillsets required:

  • Industry certification in IT Security preferred (e.g. CISSP, CISM, CISA, SANS) • Demonstrated experience of working in a cloud IT environment and cloud product offerings with experience in driving SOC2 and NIST certifications for customer facing environments
  • 10+ years’ experience with Information Security or related field
  • Strong knowledge of security risk management frameworks including related regulatory compliance requirements (e.g. NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRamp, PCI, GDPR)
  • Has led and built audit and InfoSec compliance frameworks
  • Demonstrated understanding of qualitative vs. quantitative risk management to determine, evaluate, and report on technology risk levels at the project and enterprise level
  • Works independently and with management on high visible, divisional/cross-divisional projects
  • Strong oral and written communication skills with ability clearly communicate complex concepts in simple terms for key stakeholders

To apply for this job, mail us at jobs@emeritus.org