Job Information
MathWorks Senior Security Assurance Engineer - Control Framework in Natick, Massachusetts
Senior Security Assurance Engineer - Control Framework
Job: 36670-RKUL
Team: Software Process Engineering
Location: US-MA-Natick
Salary Range: $118,400 - $183,600
Job Summary
Are you passionate about leading security governance and driving change management initiatives?
Do you thrive on the challenge of designing, implementing, and enhancing security controls and procedures?
If guiding organizations through transformative security improvements excites you, we want to hear from you!
We are looking for a proactive, dynamic, and collaborative team member to drive industry alignment of our internal security controls and champion compliance through proactive audits, rigorous quality checks, and actionable solutions that improve the security of our products and infrastructure.
Responsibilities
Policy and Control Development:
Establish quality criteria and review processes for information security policy and control development, ensuring consistency, clarity, and auditability before formal approval.
Review and validate internal security policies and IT General Controls (ITGCs) against quality criteria to ensure they are complete, accurate, traceable, and aligned with NIST, CMMC, COBIT, and ISO 27001 requirements.
Procedure Development:
Partner cross-functionally to drive development and maintenance of internal standards and procedures that support an effective and efficient system of internal controls.
Evaluate whether documented procedures accurately reflect approved security policies and meet required quality standards.
Verify that procedures are complete, actionable, and aligned with compliance frameworks, and provide feedback or required revisions to process owners.
Control Implementation:
Drive implementation of security controls and processes by engaging with process owners, control operators, and cross-functional stakeholders.
Independently assess and verify the correct and consistent implementation of security controls across teams and systems.
Conduct quality checks to confirm that implemented controls meet security requirements, are supported by appropriate evidence, and remain effective over time.
Compliance Monitoring:
Perform ongoing audits, spot checks, and control tests to assess the effectiveness, reliability, and sustainability of information security controls.
Identify deviations, gaps, or process defects and ensure that remediation actions are clearly documented, assigned, completed, and validated.
Drive and verify the effectiveness of corrective and preventive actions, ensuring that process improvements are implemented, documented, and sustained.
Minimum Qualifications
- A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.
Additional Qualifications
Experience with software development processes.
Hands-on experience with definition and implementation of department / organizational security controls.
Experience with performing internal process audits and process improvement work.
Experience with / understanding of SOC 2, COBIT, ITIL, ISO, IT General Controls (ITGC), NIST 800-171, NIST 800-53, ISO 27001/2, NIST SSDF, and/or other industry standard control frameworks to document and assess Cybersecurity compliance.
Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation.
Strong teamwork skills with a demonstrated ability to collaborate across teams and roles.