Security Controls Validation Principal

Mr. Cooper

  • Dallas, TX
  • Permanent
  • Full-time
  • 1 month ago
At Mr. Cooper Group, You Make the Dream Possible.Our purpose is simple: Keeping the dream of homeownership alive. As a Mr. Cooper Group team member, you play a big role in making that dream possible. Around here, we know our roles and work together, volunteer to make a difference, and challenge the status quo when needed. Everything we do is in the care and service of our teammates and our customers.Join us and make the dream of home ownership possible!Key Responsibilities:
  • Plan, and execute control validation assessments to ensure compliance to Sarbanes Oxley, other standards, and internal policies.
  • Develop and execute comprehensive tests to validate the effectiveness of technology and process security controls, including but not limited to access controls, encryption, firewalls, intrusion detection/prevention systems, and antivirus solutions.
  • Perform comprehensive testing of IT systems, applications, and networks to identify scope of controls validation testing.
  • Utilize breach attack simulation (BAS) technology, automation testing tools, and manual techniques to evaluate the effectiveness of security controls.
  • Collaborate with stakeholders to develop mitigation strategies and action plans.
  • Maintain accurate and up-to-date documentation of control testing procedures, results, and recommendations.
  • Prepare detailed reports summarizing assessment results and suggested remediation actions.
  • Stay current with relevant industry regulations such as Sarbanes Oxley, compliance frameworks, and security validation testing best practices.
  • Work closely with IT teams, security professionals, and other stakeholders to validate security controls.
  • Provide guidance and support for remediation efforts to address identified security control validation issues.
  • Recommend and implement improvements to security controls based on testing outcomes and emerging threats.
  • Stay informed about the latest cybersecurity trends, vulnerabilities, and control validation best practices.
  • Communicate effectively with senior management and stakeholders, providing updates on security controls validation activities and recommending improvements.
  • Identify opportunities for process improvements and implement strategies to enhance the efficiency and effectiveness of security controls validation efforts.
Qualifications:
  • Proven 2 to 4 years of experience in Security Controls Validation, IT compliance testing, auditing, and risk assessment.
  • Strong understanding of industry standards, regulations, and frameworks (e.g., SOX, SOC1/2).
  • Familiarity with security validation technologies (Cymulate, AttackIQ, etc), tools, scripting languages (Python, PHP, Ruby, etc.) and best practices.
  • Bachelor's degree or equivalent years of experience in Information Technology, Cybersecurity, or a related field.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA) are preferred.
  • Excellent communication skills and the ability to convey complex technical information to non-technical stakeholders.
Mr. Cooper Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or status as a protected veteran. EOE/M/F/D/VJob Requisition ID: 021810Job Category: Information TechnologyPrimary Location City: DallasPrimary Location Region: TexasPrimary Location Postal Code: 75019Primary Location Country: United States of AmericaAdditional Posting Location(s):

Mr. Cooper