Senior Information Security Engineer - SOX Compliance Lead
Dallas, TX  / Vista, CA 
Share
Posted 25 days ago
Email Job 
Email Job
Job Description

Job Description:

At Enovis we sweat the little things. We embrace collaboration with our partners and patients, and we glory in the grind of scientific excellence - with the goal of transforming medical technology as we know it.

Because that's how we change the lives of patients for the better. And that's how we create better together.

As a key member of the Information Technology team you will play an integral part in helping Enovis drive the medical technology industry forward through transforming patient care and creating better patient outcomes.

Job Title/High Level Position Summary:

Senior Information Security Engineer - SOX Compliance Lead is responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures. Monitors cybersecurity requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices. Performs security assessments of applications and systems using penetration and vulnerability testing and risk analysis. Configures and installs firewalls and intrusion detection systems. Implements software fixes (patches) to remove system vulnerabilities. Responds immediately to cybersecurity-related incidents and provides a thorough post-event analysis. Investigates intrusion incidents and conducts forensic investigations. Wide-ranging experience uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Exercises considerable latitude in determining objectives and approaches to assignments.

Key Responsibilities:

  • Works independently with both IT and business stakeholders to define and document both the IT general controls and IT processes and technical needs to support and generate evidence for those controls within the key applications landscape.
  • Solely responsible for planning, studying, evaluation, reporting and follow-up on the SOX audit to include, but not limited to, process narratives, documenting process flows, identifying and reporting and deficiencies or areas of improvement as required ahead of both internal and external audit testing.
  • Responsible to work with IT application teams to define the application process and testing for each respective application within SOX scope and subsequently conduct walkthroughs and communicate the same to the auditors for clarity of testing scope and understanding of controls.
  • Responsible for preparing and presenting audit reports detailing the results of the audit to leadership.
  • Serves as a liaison between the external audit and internal IT teams to ensure timely communication and action tracking for completion and clarity, and subsequent compensating controls where/if appropriate.
  • Engaged across both internal IT applications and service desk teams to drive efficient processes and engagement.
  • Coordinate with various business leaders and departments to create remediation plans for deficiencies or discrepancies in the findings.
  • Engage on new software evaluation and enablement to communicate key needs required for SOX audit compliance expectations.
  • Strong knowledge of audit procedures and controls and SQL to generate evidence is required.
  • Experience in auditing key financial systems: Oracle EBS, SAP, Oracle EPM, Workday
  • Works on complex projects that are often delivered in the form of objectives.
  • Evaluate the IT organization's compliance with HIPAA, PCI, GDPR and SOX regulations.
  • Conduct vendor risk assessments based on industry standard frameworks.
  • Provide threat and vulnerability analysis as well as security advisory services.
  • Analyze and respond to software and hardware vulnerabilities.
  • Aid in developing new documentation.
  • Provide analysis and trending of security log data.
  • Monitoring and tuning of the Tenable Vulnerability Management, SailPoint IdentityNow, SIEM and DLP systems.
  • Provide Incident Response (IR) support when analysis confirms actionable incident.
  • Integrate and share information with other analysts and other teams.
  • Issue tracking and follow up.
  • Escalation of certain incidents to relevant parties

Skills, Knowledge, and Abilities Requirements

  • Ability to act as a subject-matter expert on audit, controls, systems, and processes.
  • Manage relationships between business, I/T, internal and external auditors.
  • Ability to problem-solve, considering business process and scope changes.
  • Experience defining and conducting audit procedures and testing is required.
  • Experience with SQL and ERPs is mandatory.
  • Experience with Tenable Vulnerability Management
  • Experience with SailPoint IdentityNow
  • Experience with Fortinet Firewalls
  • SIEM Systems (pref. Splunk)
  • DLP Systems
  • Service Management Tools (pref. ServiceNow)
  • Technical network and IT skills (e.g., IP addressing, routing)
  • Information Security Tools (e.g., firewalls, anti-virus, web filtering, email filtering)
  • Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis, and significant experience administering the operations of a complex security infrastructure.
  • Practical knowledge and experience with compliance and security framework standards such as SOX, PCI, SOC 2, NIST/CSF, CIS, ISO 27001.
  • Working knowledge of current and upcoming privacy regulations such as GDPR and LGPD.
  • Knowledge of cloud and SaaS solutions
  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations.
  • Strong analytical, troubleshooting & interpersonal skills.
  • Strong verbal and written communication skills
  • Self-motivated and able to work independently.
  • Self-Leading- Demonstrate ethics and integrity according to the company's principles and values.
  • Must be customer focused, responsive, and take initiative in this role.

Minimum Basic Qualifications:

  • 8 + years of experience in security operations related role
  • BA/BS in related field preferred. Equivalent experience/certification acceptable.
  • GSEC Certifications able to achieve certification within 6-12 months.
  • CEH Certification a plus

"Creating better together". It's the Enovis purpose, and it's what drives us and empowers us every day on a global scale. We know that the power to create better - for our customers, our team members, and our shareholders - begins with having the best team, pursuing common goals, operating at the highest levels, and delivering extraordinary outcomes.

Watch this short video and discover what creating better together means to us at Enovis:

We offer a comprehensive benefits package which includes:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Spending and Savings Accounts
  • 401(k) Plan
  • Vacation, Sick Leave, and Holidays
  • Income Protection Plans
  • Discounted Insurance Rates
  • Legal Services

ABOUT ENOVIS

Enovis Corporation (NYSE: ENOV) is an innovation-driven medical technology growth company dedicated to developing clinically differentiated solutions that generate measurably better patient outcomes and transform workflows. Powered by a culture of continuous improvement, global talent and innovation, the Company's extensive range of products, services and integrated technologies fuels active lifestyles in orthopedics and beyond. Visit to learn more.

EQUAL EMPLOYMENT OPPORTUNITY:

Enovis provides equal employment opportunities based on merit, experience, and other work-related criteria and without regard to race, color, ethnicity, religion, national origin, sex, age, pregnancy, disability, veteran status, or any other status protected by applicable law. We also strive to provide reasonable accommodation to employees' beliefs and practices that do not conflict with Enovis policies and applicable law. We value the unique contributions that every employee brings to their role with Enovis.

ABOUT ENOVIS

Enovis Corporation (NYSE: ENOV) is an innovation-driven medical technology growth company dedicated to developing clinically differentiated solutions that generate measurably better patient outcomes and transform workflows. Powered by a culture of continuous improvement, global talent and innovation, the Company's extensive range of products, services and integrated technologies fuels active lifestyles in orthopedics and beyond.For more information about Enovis, please visit .

EOE AA M/F/VET/Disability Statement

All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, religion, color, national origin, sex, protected veteran status, disability, or any other basis protected by federal, state or local laws.

 

Read More
Job Summary
Company
Enovis
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Experience
8+ years
Email this Job to Yourself or a Friend
Indicates required fields