Edtech.com's Summary

MathWorks is hiring a Senior Security Assurance Engineer - Regulatory Compliance. The role involves translating regulatory requirements into technical solutions for cloud and on-premises systems, leading certification efforts, conducting cybersecurity risk assessments, and managing risk strategies to ensure alignment with industry best practices. The engineer will also produce clear risk and compliance reports to guide leadership decisions and identify organizational training needs.

Highlights

Translate evolving security, regulatory, and compliance requirements into actionable technical solutions.
Lead external certification and attestation efforts to support regulatory compliance.
Independently review cybersecurity risk assessments and ensure mitigation measures are effective and tracked.
Develop and maintain risk-based IT, information security, and privacy compliance programs.
Define quality criteria and validate accuracy of risk and compliance reports distributed to management.
Possess knowledge of regulatory frameworks including SOC 1/SOC 2, CSA-CCM, ISO standards, GDPR, CCPA, PCI-DSS, NIST RMF, FedRAMP, and CMMC 2.0.
Experienced in software development processes.
Strong communication skills for clear writing, presentations, and group facilitation.
Bachelor's degree with 6+ years of experience or a master’s degree with 3+ years, or equivalent qualifications.
Collaborate effectively across multiple teams to meet compliance and risk management goals.

Senior Security Assurance Engineer - Regulatory Compliance Full Description

Senior Security Assurance Engineer - Regulatory Compliance

Team: Software Process Engineering
Location: US-MA-Natick
Salary Range: $119,200 - $184,800

Job Summary

Join MathWorks as a key player in safeguarding our organization’s regulatory compliance and risk posture! In this dynamic role, you’ll translate evolving regulatory requirements into actionable technical solutions for both cloud and on-premises environments, champion external certification efforts, and lead organizational training initiatives. You’ll independently assess cybersecurity risks, shape our risk management strategy, and ensure that our compliance program aligns with industry best practices. Your expertise will drive the accuracy and clarity of risk and compliance reporting, help identify systemic gaps, and deliver actionable insights to leadership—making a direct impact on MathWorks’ security and regulatory excellence.

Responsibilities

Regulatory Compliance:

Stay on top of industry knowledge and changing regulatory landscape to identify impact to MathWorks
Provide subject matter expertise in translating security, regulatory, and compliance requirements into technical requirements and implementing effective solutions for cloud and on-premises environments
Verify that regulatory changes are correctly interpreted, incorporated into standards, and consistently implemented across relevant processes and teams.
Drive external certification/attestation efforts to support regulatory compliance.
Identify organizational training needs for topics involving regulatory compliance and risk management.

Risk Management:

Independently review and validate cybersecurity risk assessments and vulnerability analyses to confirm that methodologies, inputs, and conclusions meet defined security standards.
Evaluate the changing operating landscape and determine its impacts on organizational risks, obligations and external expectations; recommend changes to risk approach to ensure consistency with current security best practices
Assess the quality and completeness of risk identification for cloud-hosted services and on-premises environments, and verify that mitigation recommendations are appropriate, actionable, and tracked to closure.
Develop and implement a risk-based IT/Information Security/Privacy compliance program to ensure adherence to key regulatory requirements/expectations and industry best practices

Reporting:

Define and maintain quality criteria for risk and compliance reporting, including data integrity checks and documentation of assumptions.
Review and validate risk analysis reports, dashboards, and metrics to ensure accuracy, clarity, and consistency prior to distribution to management and stakeholders.
Track and analyze recurring issues, audit findings, and defects related to regulatory compliance and risk management to identify systemic gaps, and periodically report insights to management.

Minimum Qualifications

A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.

Additional Qualifications

Experience with software development processes.
Practical experience with policy and regulatory mandates such as SOC 1/SOC 2, CSA-CCM, ISO27001/27002/22301/27017/42001, GDPR, CCPA, PCI-DSS, the NIST Risk Management Framework, and associated standards such as NIST SP(s) 800-34/800-53 Revision 5/800-171, FedRAMP, CMMC 2.0;
Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation.
Strong teamwork skills with a demonstrated ability to collaborate across teams and roles.

Original Job Description

Senior Security Assurance Engineer - Regulatory Compliance

Team: Software Process Engineering
Location: US-MA-Natick
Salary Range: $119,200 - $184,800

Job Summary

Responsibilities

Regulatory Compliance:

Stay on top of industry knowledge and changing regulatory landscape to identify impact to MathWorks
Provide subject matter expertise in translating security, regulatory, and compliance requirements into technical requirements and implementing effective solutions for cloud and on-premises environments
Verify that regulatory changes are correctly interpreted, incorporated into standards, and consistently implemented across relevant processes and teams.
Drive external certification/attestation efforts to support regulatory compliance.
Identify organizational training needs for topics involving regulatory compliance and risk management.

Risk Management:

Independently review and validate cybersecurity risk assessments and vulnerability analyses to confirm that methodologies, inputs, and conclusions meet defined security standards.
Evaluate the changing operating landscape and determine its impacts on organizational risks, obligations and external expectations; recommend changes to risk approach to ensure consistency with current security best practices
Assess the quality and completeness of risk identification for cloud-hosted services and on-premises environments, and verify that mitigation recommendations are appropriate, actionable, and tracked to closure.
Develop and implement a risk-based IT/Information Security/Privacy compliance program to ensure adherence to key regulatory requirements/expectations and industry best practices

Reporting:

Define and maintain quality criteria for risk and compliance reporting, including data integrity checks and documentation of assumptions.
Review and validate risk analysis reports, dashboards, and metrics to ensure accuracy, clarity, and consistency prior to distribution to management and stakeholders.
Track and analyze recurring issues, audit findings, and defects related to regulatory compliance and risk management to identify systemic gaps, and periodically report insights to management.

Minimum Qualifications

A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.

Additional Qualifications

Experience with software development processes.
Practical experience with policy and regulatory mandates such as SOC 1/SOC 2, CSA-CCM, ISO27001/27002/22301/27017/42001, GDPR, CCPA, PCI-DSS, the NIST Risk Management Framework, and associated standards such as NIST SP(s) 800-34/800-53 Revision 5/800-171, FedRAMP, CMMC 2.0;
Exceptional communication skills including clear and concise writing, an engaging presentation style, and group facilitation.
Strong teamwork skills with a demonstrated ability to collaborate across teams and roles.

Let me find your next job.

Thanks - you're signed up.

Senior Security Assurance Engineer - Regulatory Compliance

Edtech.com's Summary

Senior Security Assurance Engineer - Regulatory Compliance Full Description

Senior Security Assurance Engineer - Regulatory Compliance

Director of Security and Compliance

Governance and Compliance Senior Analyst

COMPLIANCE CODING AND BILLING ANALYST

Compliance Analyst I

Assistant Director of Institutional Compliance