US
19 days ago
Sr. IT GRC Analyst
Job Locations: US
ID: 2024-3582
Category: Engineering
Type: Full Time
Company: PRO Frontdoor Pro, Inc.

Overview

Frontdoor is reimagining how homeowners maintain and repair their most valuable asset – their home. As the parent company of two leading brands, we bring over 50 years of experience in providing our members with comprehensive options to protect their homes from costly and unexpected breakdowns through our extensive network of pre-qualified professional contractors. American Home Shield, the category leader in home service plans with approximately two million members, gives homeowners budget protection and convenience, covering up to 23 essential home systems and appliances. Frontdoor is a cutting edge, one-stop app for home repair and maintenance. Enabled by our Streem technology, the app empowers homeowners by connecting them in real time through video chat with pre-qualified experts to diagnose and solve their problems. The Frontdoor app also offers homeowners a range of other benefits including DIY tips, discounts and more. For more information about American Home Shield and Frontdoor, please visit frontdoorhome.com.

Responsibilities

Security & Compliance: Lead efforts in the evaluation of existing architecture and processes to identify design and operating effectiveness gaps or process improvements, implement and manage security controls, promote security awareness and training, execute regular security assessments to identify risk related to technology, security and/or privacy.

IT Risk Management: Responsible for the continuous assessments and documentation of the Company’s compliance status and risk posture to assist in protection of assets, decision-making and operational efficiency.

IT Policy Management: Serve as a SME in the creation, implementation, and revision of IT policies within the Company based on legislative and regulatory requirements, emerging threats and process maturation.

Third-Party Risk Management: Facilitate third-party risk due diligence activities and evaluations for identifying, assessing, mitigating and managing risks related to vendors and service providers.

Regulatory Compliance: Lead efforts in the design, implementation, training and maintenance of a common controls framework for continuous testing and monitoring of all information security controls. Lead information security compliance activities related to PCI-DSS, SOC2, and SOX.

Data Security & Privacy: Assist in the design, implementation, training, and standardization of security controls for the processing, storage, and transmission of sensitive and PII data.

Disaster Recovery: Participate in disaster recovery (DR) design, planning, implementation and testing activities for critical assets and processes.

Security Awareness: Develop and execute annual and continuous cybersecurity awareness trainings, plan and execute on internal cybersecurity awareness events and sessions on trending content, and help to enhance security awareness culture.

Cyber Risk Management: Work closely with InfoSec team members to identify, manage and monitor risks and their associated remediation activities related to incidents, vulnerabilities, patching anomalies, penetration testing deficiencies, phishing campaigns, security architecture review exceptions and security posture ratings.

Qualifications

10+ years of practical experience in the design, build, test and deployment of Governance, Risk and Compliance (GRC) frameworks and related programs.

Technical ability to develop robust automated GRC processes to minimize manual work and gain efficiencies.

SME and experience conducting audits or security assessments related to GITC SOX, COBIT, ITIL, ISO, NIST, PCI-DSS, SOC2, CIS Controls and Data Privacy Laws.

Experienced in the creation and maintenance of documented security policies, standards, and guidance.

Strong experience with the NIST or ISO cybersecurity and risk frameworks and their components.

Proficient in standard assessment tools and cyber risk management frameworks.

Ability to effectively lead major compliance initiatives, build processes organically, problem-solve, communicate with and influence cross-functional stakeholders, make decisions related to risk management activities, and develop reporting metrics.

Functional knowledge of key security domains: security and risk management, asset security, security architecture and engineering, network security, identity and access management, security operations and software development security.

Effective written and verbal communication skills, especially translating between business and technical terminology.

Ability to effectively communicate with stakeholders on risk remediations and technical process improvements.

Critical thinking and analytical skills to synthesize information, perform root-cause analysis, and provide practical recommendations to management to address the control gap or process weakness.

Commitment to stay current with emerging security and privacy trends.

Strong attention to detail, project management and organizational skills.

Self-starter with ability to effectively manage workloads across multiple stakeholders and time zones.

Ability to work with a sense of urgency and quickly shift priorities, projects and timelines as needed.

Preferred Qualifications:

CISA, CISSP, CISM, CRISC, CDPSE or other security training/certifications.

Hands-on experience or proficiency in GRC and security tools.

Knowledge of Cloud Computing, Mobile Apps, and End User Computing security best practices.

Other/State Specific

This role pays between $139k and $155k, and your actual base pay will depend on your skills, qualifications, responsibilities, experience, and location.

At Frontdoor, certain roles are eligible for additional rewards and incentives. Speak directly to your recruiter to learn more.

Our approach to benefits is holistic, and includes health, wellbeing and financial components including: insurance for medical/pharmacy, dental, vision, life, and disability, weight loss and smoking cessation programs, matching 401(k) and ability to participate in our employee stock purchase plan.
