Technical Lead Cyber Security @ Mdf commerce
Hybrid
$150,000
Full Time
Posted 17 hours ago
Job Details
About Technical Lead Cyber Security
SOVRA is a leading public procurement platform serving over 7,000 government agencies and connecting them with more than 1 million suppliers across North America. Our innovative platform has earned the Achievement of Excellence in Procurement (AEP) Certification from the National Procurement Institute.
Primary Responsibilities
- Lead audit readiness and annual cycles for SOC 2 Type 2, PCI DSS, and FISMA RMF.
- Plan, run, and close internal and external audits including evidence strategy and control walkthroughs.
- Operate and continuously improve the customer trust portal with strict SLA compliance.
- Run vulnerability management across cloud, endpoints, applications, and containers.
- Develop vulnerability metrics and maintain mapping of controls to frameworks like NIST SP 800-53, FedRAMP, and more.
- Drive policy and standard lifecycle along with risk management activities.
- Coordinate with Legal, Privacy, Engineering, IT, and Product to meet regulatory obligations.
- Manage incident response readiness including runbooks, tabletop exercises, and post-incident improvements.
- Embed security by design and automation-first practices in SDLC.
- Oversee vendor third-party risk management and security awareness activities.
Required Experience & Skills
- Minimum 10 years in information security with deep GRC experience.
- Expertise in SOC 2 Type 2, PCI DSS, FISMA RMF and related certifications.
- Technical expertise in trust portal, vulnerability discovery platforms, SIEM, EDR and more.
- Skilled in policy writing, internal controls management and incident-response coordination.
- Authorized to work in the US.
Key Skills/Competency
- SOC2
- PCI DSS
- FISMA
- GRC
- Audit
- Vulnerability Management
- Risk Management
- Compliance
- Cloud Security
- Incident Response
How to Get Hired at Mdf commerce
🎯 Tips for Getting Hired
- Customize your resume: Highlight security audits, GRC, and compliance skills.
- Prepare detailed examples: Showcase vulnerability management and risk reduction.
- Research SOVRA: Understand their procurement platform and technical stack.
- Practice technical questions: Focus on SOC2, PCI DSS, and FISMA frameworks.
- Emphasize certifications: Ensure CISSP, CISM, CISA, or similar are clearly mentioned.
📝 Interview Preparation Advice
Technical Preparation
- Review SOC2, PCI DSS, FISMA frameworks.
- Practice vulnerability management tool usage.
- Brush up on AWS security configurations.
- Study GRC and compliance documentation.
Behavioral Questions
- Describe handling audit pressure scenarios.
- Explain cross-team conflict resolution.
- Discuss decision-making in crisis situations.
- Share examples of independent project management.
Frequently Asked Questions
- What experience does mdf commerce require for Technical Lead Cyber Security?
- How important are certifications for a Technical Lead Cyber Security at mdf commerce?
- What audit frameworks will the Technical Lead Cyber Security manage at mdf commerce?
- What technical skills are essential for Technical Lead Cyber Security at mdf commerce?
- Is remote work available for mdf commerce's Technical Lead Cyber Security role?