ISSO GRC Third Party Security at Meta

Posted in Other 4 days ago.

Location: Washington, Washington DC

Job Description:

We are creating an operationally effective and highly efficient "service of common concern" for all Integrity, Security, Support, and Operations (ISSO) Governance, Risk, and Compliance (GRC) needs, ensuring Integrity, Security, Support, and Operations continue to meet global regulatory requirements and manage risk. Meta's ISSO GRC is the central engine driving risk management and compliance at the company, supporting Meta and the family of apps. Security engineering is a critical component of supporting integrity and security risk domain governance, risk, and compliance (GRC). GRC initiatives are designed to enable the business to proactively manage risk, to protect sensitive information, and to meet or exceed legal and regulatory obligations and expectations.We're seeking deeply experienced, integrity and security talent to help enable and safeguard Meta's products and services which have a truly global scale. Our goal is to make Meta the premier place to work for governance, risk, compliance, security, and integrity professionals.

ISSO GRC Third Party Security Responsibilities:

  • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, prioritize deliverables, and discuss program impact.

  • Identify and implement opportunities for increased automation across the program factoring in emerging regulations and proactive detection of risks.

  • Increase Integration of systems to provision simplified engagements for the business, consolidated and efficient workflows, and consumable view of risk for leadership

  • Designing, implementing, and/or assessing security controls

  • Validating vulnerability assessments, controls testing outcomes

  • Identification of risks and detailing of a mitigation plan to ensure that the project stays on track, or is brought back on track in the event of delays or blockers.

  • Providing technical challenge to risk domain strategies, products, designs, features, components.

  • Support business travel on an as needed basis (up to 10%)

Minimum Qualifications:

  • 4 + years of experience in information security, cybersecurity, transparency reporting, integrity, and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management).

  • 2 + years of experience in undertaking and managing programs of work to deliver cyber security assessments that validate the existence and effectiveness of controls to assure the confidentiality, integrity and availability of data held within third party systems.

  • 2 + years of experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment. Negotiates technical capabilities and remediation plans with senior cyber security leaders in third party suppliers.

Preferred Qualifications:

  • BSc/MSc or equivalent experience in Computer Science, Information Systems, Engineering, Cybersecurity or related field

  • Experience in technical challenge and validation of controls and features effectively analyzing risk, compliance, and maturity within the context of business, and technology problems

  • Experience in effectively analyzing risk, compliance, and maturity within the context of business, and technology problems.

  • Industry qualification (CISSP / CISA or similar)

About Meta:

Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today-beyond the constraints of screens, the limits of distance, and even the rules of physics.

Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.

Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
More jobs in Washington, Washington DC

Bering Straits Native Corporation


Intelligent Waves, LLC
More jobs in Other