Security Compliance Lead

The Role

Hitachi Vantara seeks a passionate and talented Security Compliance Lead to join our Cloud Engineering team to support Hitachi Vantara customers and service groups to oversee the day-to-day operations of compliance services. This role is responsible for leading the planning, scoping, execution and reporting of audits based on compliance standards and frameworks related to various business units and external customers. As part of the Cloud Engineering team, you will report to the Director of Cloud Security and Compliance Services and actively engage in internal and external audit activities to improve Hitachi Vantara's customers and Global Cloud Operations security posture.

The Security Compliance Lead will leverage engineering, operational, and analyst team input, while providing thought leadership in assisting our partners, educational institutions, state, local, and government agency customers to enable them to move their workloads and heavily regulated data into the cloud. This will be done by addressing their specific security and compliance requirements. The Security Compliance Lead will develop high-level strategies to address overall risk to IT systems and customer data through recommendations to IT systems owners and management.

This candidate should be a technically experienced information security professional who can translate technical security solutions to address a wide range of IT security, privacy and compliance challenges. This Security Compliance Lead will directly partner with customers in adapting their security control framework to enable them to move their sensitive workloads to the cloud environment.

This position requires significant hands-on experience with the compliance standards. The candidate will ensure that Assessment and Authorization processes are followed, and documentation is accurate and complete for all applicable compliance frameworks within the organization. The individual should strong interpersonal skills and be willing to take initiative in a dynamic, client facing environment.

Mandatory Skills:

Minimum 5+years of experience in Security and Compliance domain with operations auditing, risk management, IT Compliance & Information Security. Good understanding of Cloud native security services (AWS/Azure).
Hands-on experience with the FISMA compliance standards and the ability to apply the NIST Risk Management Framework.
Experience in performing technical assessments of Cloud environments in direct support of compliance efforts such as (FedRAMP, HIPAA, PCI, SOC2, ISO27001, ISO27002)

Role Description Skills:

* Good understanding of cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as Service (SaaS) and containerized delivery models across multiple different cloud vendors.
• Analyze and recommend solutions for information security related issues based on experience and security best practices for IT systems, services, applications and products
• Partner directly with clients to review compliance documentation, requirements, and assist with the understating of control implementations within the client's environment
• Work with clients to resolve concerns and to understand how compliance is achieved while operating in the cloud through delivery of training, deep dive technical discussions, strategic presentations, and hands on demonstration of security controls in the environment.
• Support the deployment and integration of security and compliance related within a client's cloud infrastructure
• Provide proactive mitigation steps of infrastructure, applications vulnerabilities and recommending compensating controls

Preferred Requirements:

• Understands how to utilize NIST and FedRAMP documentation including SP-800-30, SP-800-37, SP 800-53, SP 800-39, and SP 800-37, FIPS 199, FIPS 200, OMB A-130. • Experience in developing and reviewing system security plans, information security policies and procedures, contingency plans, incident response plans, etc.
• Experience in the review and advisement of continuous monitoring activities (POA&Ms, vulnerability management, Incident Response, Significant change etc.)
• Understanding of Infrastructure, Platform and Application Security best practices.

• Excellent oral and written communication skills
• Ability to think critically and be responsive to time sensitive requests
• Bachelor's degree in Information systems, related discipline or equivalent experience
• CISA, CISSP, CCSP, CISM, or similar industry certifications preferred

Our Company

Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.

Our people are our biggest asset, they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.

Our Values

We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours and flexible arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.

We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:

Wa - Harmony, Trust, Respect

Makoto - Sincerity, Fairness, Honesty, Integrity

Kaitakusha-Seishin - Pioneering Spirit, Challenge