Remotery

Cybersecurity Staff Engineer

Posted Jul 7

This is a fully remote position, open to applicants in New Jersey.

📋 Description

• Consolidate risk posture, control deficiencies, and issue status across all cybersecurity domains into unified dashboards and executive-level reporting frameworks.

• Act as the primary source of GRC intelligence — transforming disparate signals into a clear organizational risk overview.

• Develop and uphold consistent metrics and KPIs that accurately represent compliance health across all domains.

• Manage the entire issue lifecycle — from identification to remediation — ensuring findings progress without being hindered by handoff gaps.

• Create accountability frameworks among tower leaders and partner teams to maintain risk closure without needing direct authority.

• Ensure non-IT departments adhere to documented procedures and assist them in addressing audit discrepancies.

• Raise systemic issues and trend patterns to senior leadership along with actionable recommendations.

• Oversee all facets of ISO 27001 certification maintenance, including evidence gathering, control mapping, audit readiness, and ongoing improvement.

• Cultivate relationships with external auditors and certification bodies.

• Guarantee that the program is audit-ready throughout the year, not just during certification periods.

• Contribute to our SOC 2 Type II program and lead compliance posture concerning relevant trust service criteria.

• Collaborate with engineering, IT, and operations teams to ensure controls are implemented, documented, and sustainable.

• Conduct and document Level 1 cyber risk assessments using established frameworks such as NIST CSF and ISO 27001.

• Maintain the enterprise cyber risk register, ensuring risks are accurately rated, assigned, and tracked towards resolution.

• Identify emerging risks associated with our industry — fan data systems, broadcast infrastructure, global event operations — providing appropriate context for decision-makers.

• Partner with tower leads, IT, Legal, Privacy, and Procurement to align on risk priorities and facilitate coordinated remediation efforts.

• Communicate policy and regulatory requirements in a manner that resonates with both technical practitioners and executive stakeholders.

• Function as a trusted advisor throughout the organization — influencing outcomes without relying on organizational hierarchy.

• Identify opportunities to automate compliance efforts through scalable GRC platforms and integrations, replacing manual processes.

• Propel the adoption and optimization of tools such as Drata, ServiceNow GRC, OneTrust, or similar platforms.

• Stay informed about the tooling landscape and provide recommendations that enhance program efficiency and coverage.

• Maintain a working knowledge of regulations relevant to our global operations — including GDPR, CCPA, and evolving international data residency requirements.

• Support third-party and vendor risk assessment processes in coordination with Legal and Procurement, ensuring vendor relationships comply with our standards.


⛳️ Requirements

• Over 7 years of progressive experience in Cybersecurity GRC, Risk Management, or Compliance, with exposure to both program ownership and cross-functional collaboration.

• Proven ability to manage multiple security domains concurrently without sacrificing precision or accountability.

• Practical experience leading ISO 27001 certification programs and SOC 2 Type II compliance — you've managed audit cycles, not merely supported them.

• Familiarity with one or more GRC platforms (Drata, ServiceNow, OneTrust, or similar).

• CISSP, CISM, or CRISC certification is preferred.

• Experience in sports, entertainment, media, or other high-profile consumer-facing sectors is an advantage.


🏝️ Benefits

• Medical

• Dental

• Vision

• Life/AD&D insurance

• Short- and long-term disability

• Fertility and family-forming assistance

• Wellbeing allowance

• Educational assistance

• Mental health coaching/therapy

• Tax-advantaged accounts such as HSA and healthcare/dependent care FSAs

• A 401(k) retirement plan

• Time off benefits that include vacation, sick time, and personal days

People also viewed

Baringa3 hours ago

Senior Cyber Security Engineer

GB flagUnited Kingdom OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Inetum3 hours ago

Senior Network and Security

ET flagEthiopia OnlyFull-timeCybersecurity / Security Engineer€50k – €58k/year
ApplyView job
AddSales3 hours ago

Sales Development Representative, Cyber Security

DE flagGermany OnlyFull-timeCybersecurity / Security Engineer€42k – €65k/year
ApplyView job
IonQ3 hours ago

Staff Product Marketing Manager – Quantum Networking, Security

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer$128.4k – $167.5k/year
ApplyView job
Castillians3 hours ago

SIEM and Security Architecture Engineer

IE flagIreland OnlyFreelanceCybersecurity / Security Engineer
ApplyView job
Agile Defense3 hours ago

Senior Security Architect

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers