Technical Lead Cyber Security
@ Mdf commerce

Hybrid
$150,000
Full Time
Posted 17 hours ago

Job Details

About Technical Lead Cyber Security

SOVRA is a leading public procurement platform serving over 7,000 government agencies and connecting them with more than 1 million suppliers across North America. Our innovative platform has earned the Achievement of Excellence in Procurement (AEP) Certification from the National Procurement Institute.

Primary Responsibilities

  • Lead audit readiness and annual cycles for SOC 2 Type 2, PCI DSS, and FISMA RMF.
  • Plan, run, and close internal and external audits including evidence strategy and control walkthroughs.
  • Operate and continuously improve the customer trust portal with strict SLA compliance.
  • Run vulnerability management across cloud, endpoints, applications, and containers.
  • Develop vulnerability metrics and maintain a mapping of controls to frameworks like NIST SP 800-53, FedRAMP, and more.
  • Drive policy and standard lifecycle along with risk management activities.
  • Coordinate with Legal, Privacy, Engineering, IT, and Product to meet regulatory obligations.
  • Manage incident response readiness including runbooks, tabletop exercises, and post-incident improvements.
  • Embed security by design and automation-first practices in SDLC.
  • Oversee vendor third-party risk management and security awareness activities.

Required Experience & Skills

  • Minimum 10 years in information security with deep GRC experience.
  • Expertise in SOC 2 Type 2, PCI DSS, FISMA RMF and related certifications.
  • Technical expertise in trust portals, vulnerability discovery platforms, SIEM, EDR, and more.
  • Skilled in policy writing, internal controls management and incident-response coordination.
  • Authorized to work in the US.

Key Skills/Competency

  • SOC2
  • PCI DSS
  • FISMA
  • GRC
  • Audit
  • Vulnerability Management
  • Risk Management
  • Compliance
  • Cloud Security
  • Incident Response

How to Get Hired at Mdf commerce

🎯 Tips for Getting Hired

  • Customize your resume: Highlight security audits, GRC, and compliance skills.
  • Prepare detailed examples: Showcase vulnerability management and risk reduction.
  • Research SOVRA: Understand their procurement platform and technical stack.
  • Practice technical questions: Focus on SOC2, PCI DSS, and FISMA frameworks.
  • Emphasize certifications: Ensure CISSP, CISM, CISA, or similar are clearly mentioned.

📝 Interview Preparation Advice

Technical Preparation

  • Review SOC2, PCI DSS, FISMA frameworks.
  • Practice vulnerability management tool usage.
  • Brush up on AWS security configurations.
  • Study GRC and compliance documentation.

Behavioral Questions

  • Describe handling audit pressure scenarios.
  • Explain cross-team conflict resolution.
  • Discuss decision-making in crisis situations.
  • Share examples of independent project management.
