Senior Internal Auditor - Cybersecurity Compliance

MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More~ https~//www.mathworks.com/company/jobs/resources/applying-and-interviewing.html#onboarding.

Are you passionate about driving compliance efforts and contributing to software quality assurance and security compliance efforts?

Do you want to work with teams to improve information security practices and software development processes?

If yes, we want to talk with you!

Our Audit, Assurance and Compliance team is growing, and we are actively hiring! You will perform periodic internal audits, contribute to improving our internal security and quality practices by identifying areas of control weaknesses, and help cross-functional development teams to improve their processes and products, while preparing them for external certification audits.

MathWorks nurtures growth, appreciates diversity, encourages initiative, values teamwork, shares success, and rewards excellence.

,

• Enable development of internal controls, processes and compliance mechanisms for secure software development.
• Perform periodic audits to assess compliance for high impact areas and identify problems/areas of improvements.
• Perform security compliance audits for software development, identifying problems and areas for process improvement.
• Work closely with IT and other stakeholders to ensure a multi-layered approach to cyber security is adopted, ensuring the confidentiality, integrity and availability of IT services
• Work cross-functionally to provide security controls expertise, test controls to meet information security requirements and develop strategies to identify, mitigate and manage current and emerging cyber threats
• Support risk assessments to help prioritize security controls deployment and ensure compliance with corporate cybersecurity policies, regulations and standards pertaining to Information and Product Security.
• Utilize industry frameworks to assess environments and maintain security plans and remediation tracking and revise them on a regular cadence to ensure audit readiness.
• Apply defense-in-depth methodology when assessing the effectiveness of controls including how to apply a compensating control.
• Maintain regulatory evidence including policies, standards, training, and compliance monitoring.
• Generate periodic reports to teams and senior stakeholders and make practical recommendations to improve security practices.
• Help facilitate organizational adoption of internal standards and best practices through active engagement with process owners and cross-functional stakeholders.
  
  

• Experience with software development processes.
• Experience with performing internal process audits and process improvement work.
• Experience with / understanding of SOC 2, COBIT, ITIL, ISO, IT General Controls (ITGC), NIST 800-171, NIST 800-53, ISO 27001/2, NIST SSDF, and/or other industry standard control frameworks to document and assess Cybersecurity compliance.
• Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation.
• Strong teamwork skills with a demonstrated ability to collaborate across teams and roles.
  
  

• A bachelors degree and 6 years of professional work experience (or a masters degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.