Staff Cybersecurity Specialist

Staff Cybersecurity Engineering

As a Staff cybersecurity engineer with Convera, we are looking for the primary administrator of an automated GRC platform to support the Convera cybersecurity program and all the IT stakeholders.  You will also support efforts using this system for responding to regulator questions, independent audit, and customer assurance. 

You will be responsible for:

Represent the Convera cybersecurity team in the India region with respect to compliance and cybersecurity activities.

• Ensure controls are followed continually and without material audit findings or qualifications.
• Respond and assist with urgent new cybersecurity requirements, security incidents, outages, and customer grievances.
• Participate and report on multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise.
• Develop and manage project plans and budget/resource estimates as needed.
• Participate in Vendor / Supply Chain Risk Management to ensure availability
• Perform vendor due diligence Cyber risk reviews to ensure supply chain compliance
• Assist in Vendor Onboarding/Contract Negotiations related to cybersecurity
• Perform cyber resiliency assessments to detect and identify weaknesses in the security posture of the organization's resiliency and recovery strategies
• Assist with vendor due diligence risk reviews and questionnaires to ensure supply chain compliance.
• Assist in working with Convera vendors, contactors, and third parties to confirm compliance to Convera policies, service level agreements, and acceptable usage policies.
• Find, report, and help remediate cybersecurity risks and compliance gaps to Convera and Convera-contracted services by working with IT teams, business teams, and other stakeholders.
• Oversee regular vulnerability assessments, internal technical reviews, and penetration testing of cloud environments and applications
• Partner with IT teams to develop and implement remediation strategies for identified security issues
• Develop metrics and reports to track vulnerability management program effectiveness
• Evaluate and recommend security tools and technologies
• Provide security guidance to technical teams
• Facilitate, coordinate, and obtain vulnerability reporting requirements from multiple stakeholders.
• Assist on Risk Assessments
• Document, analyze, and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
• Partner with IT teams to develop and implement remediation strategies for identified security issues
• Assist in investigating internal and external information security risk and exceptions assessments
• Partner with SecOps & Enterprise Tech on new business solutions & architecture
• Help assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
• Inform the proper stakeholders of important concerns and hazards.
• Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements.
• Operate with a high degree of independence regarding cybersecurity project and program activities.
• Manage multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise.
• Respond and assist with urgent new requirements, security incidents, outages, and customer grievances.
• Develop and manage project plans and budget/resource estimates as needed.
• Assist in security incident response and forensic investigations when needed
• Assist in internal and external audit efforts.
• Support new security and privacy compliance changes from all over the world.

About You

• Have 5+ years’ experience in cybersecurity with a focus on compliance and risk in the finance and payment industry.
• CompTIA Security+, (ISC)2 SSCP, GSEC, AWS Certified Cloud Practitioner, Azure Security Engineer Associate, Certificate of Cloud Security Knowledge or other industry recognized technical, or security certification(s). CISSP, CISA, CISM, or other industry recognized security certification(s) are preferred.
• Hands on experience with vulnerability scanning tools and penetration testing methodologies
• Skilled at analyzing complex problems, impact analysis, and enabling informed decision making.
• Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation.
• Up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape.
• Expertise in planning and delivering a wide range of projects including embedding risk and governance frameworks, introducing new policies and processes, and implementing IT systems.
• Successful at stakeholder engagement and experienced at operating at both strategic and tactical levels.
• Can quickly identify key operational risks, material impacts, risk indicators and controls within the business area.
• Experience with working on IT systems in a global 24x7 operation with varying levels of uptime and security requirements.
• Have a strongly motivated to work independently, desire to learn and grow in a fast-paced, complex environment.
• Develop and manage project plans and budget/resource estimates as needed.
• A fast learner, able to manage details and complex needs.
• Are up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape.
• Have strong and honest communication skills as well as confident communicating verbally and in writing.
• Have a basic understanding of the finance industry, risk management, and cloud technology.
• Familiar working with industry-standard regulatory requirements (SOC1/2, PCI, GDPR, etc.) and technical standards (CIS, NIST, STIG, etc.)
• Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation and confident in communicating verbally and in writing with respect to local cultures and languages.

About Convera

Convera is the largest non-bank B2B cross-border payments company in the world. Formerly Western Union Business Solutions, we leverage decades of industry expertise and technology-led payment solutions to deliver smarter money movements to our customers – helping them capture more value with every transaction. Convera serves more than 30,000 customers ranging from small business owners to enterprise treasurers to educational institutions to financial institutions to law firms to NGOs.

Our teams care deeply about the value we bring to our customers which makes Convera a rewarding place to work. This is an exciting time for our organization as we build our team with growth-minded, results-oriented people who are looking to move fast in an innovative environment.

As a truly global company with employees in over 20 countries, we are passionate about diversity; we seek and celebrate people from different backgrounds, lifestyles, and unique points of view. We want to work with the best people and ensure we foster a culture of inclusion and belonging.

We offer an abundance of competitive perks and benefits including: 

• Competitive salary
• Opportunity to earn an annual bonus.
• Great career growth and development opportunities in a global organization
• A flexible approach to work

There are plenty of amazing opportunities at Convera for talented, creative problem solvers who never settle for good enough and are looking to transform Business to Business payments. Apply now if you’re ready to unleash your potential.

#LI-KP1