Stem is a global leader in energy transition, and this role involves designing and implementing secure, compliant controls within cloud and IT infrastructure. The ideal candidate will have experience in security and compliance, GRC, security operations, and audits, with a strong understanding of cloud security and compliance, particularly with AWS.
Requirements
- Bachelor’s degree in Computer Science, Information Systems, Security or a related field.
- 4+ years of experience within a security and compliance function
- 3+ years of experience in GRC (Governance, Risk, and Compliance), security operations, or audits.
- Experience with vulnerability management tooling, remediation, and processes
- Experience with Docker, Terraform, AWS
- Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography, privacy
- Understanding of compliance frameworks (e.g., GDPR, SOC2, ISO) and security best practices.
- Strong expertise in cloud security and compliance, particularly with AWS.
- An understanding of best practices and how to implement them at a business-wide level.
- Have a wide understanding of cybersecurity and data protection with frameworks such as SOC 2, ISO 27001, NIST, DPDPA, or GDPR.
- Technical proficiency in scripting (Python, Bash, PowerShell) and security tools.
- Strong understanding of cloud security (AWS, Azure, etc.).
- Critical thinking skills and the ability to solve problems as they arise.
- Direct experience with International and National Laws and Requirements.
- Knowledge of disaster recovery, computer forensic tools, technologies, and methods around data protection.
- Experience planning, researching, and developing policies, standards, and procedures to align with company’s strategy and best practices.
- Experience in NIST 800 series standards and NIST Privacy Framework, preferred.
- Knowledge of Large Language Models (LLMs) and secure, compliant integration.
- Ability to communicate identified issues to peers and management.
- Analyze systems and seek improvements on a continuous basis.
- Deep understanding of how artificial intelligence works is an added value, but not required
- Attention to detail and concentration
