Cyber Security Engineer (Open-Source Specialist)

About the Team

VIZIO works with open-source software to provide innovative and cutting-edge solutions to our clients. We are seeking a GRC Specialist to join our growing organization.

The Cyber Security Engineer (OSS Specialist) will report to the Director of DevOps & Security and will be responsible for developing, implementing, and maintaining a comprehensive open-source and other product-based information security GRC program. The ideal candidate will have experience in both the technical and business aspects of GRC and be able to communicate complex concepts to stakeholders at all levels. This position is based in Dallas and is expected to be in-office five days a week.

What You Will Do

• Develop and maintain open-source and other product-based GRC policies and procedures, including but not limited to, risk management, compliance management, and incident management.

• Conduct risk assessments to identify potential threats and vulnerabilities and recommend mitigating controls.

• Work with internal stakeholders to ensure compliance with applicable laws, regulations, and industry standards, such as ISO 27001, ISO/IEC 5230:2020 and SOC 2.

• Develop and deliver open-source and other product-based GRC training to employees and contractors.

• Lead incident response efforts, including identifying and containing incidents, conducting post-incident reviews, and making recommendations for improvement.

• Stay current with industry trends and best practices in GRC and recommend updates to the program as needed.

• Work with third-party vendors to ensure their compliance with VIZIO's GRC requirements.

• Assist with audits and assessments from customers, regulators, and other third parties.

• Establish and streamline technical approach to developing SBOM and developing and maintaining OSS compliance.

• Partner with VIZIO's Legal Team and other internal teams as needed to ensure enforcement of requirements and provide expertise in software-related litigation.

About You

• Bachelor's degree in Computer Science, Information Systems, or related field

• 3+ years of experience in open-source GRC, information security, or a related field.

• Strong knowledge of regulatory requirements, such as NIST, CCPA, ISO 27001, ISO/IEC 5230:2020 or SOC 2.

• Excellent written and verbal communication skills, with the ability to effectively communicate technical information to both technical and non-technical stakeholders.

• Experience working with open-source software and an understanding of the associated legal and compliance issues.

• Strong analytical and problem-solving skills, with the ability to identify and mitigate risks and vulnerabilities.

• Experience with GRC tools and software.

• Relevant certifications, such as CISSP, CISA, CRISC, CISM, Sec +, CEH, CySA + or GRC Professional, are a plus.

About VIZIO

We are Beautifully Simple.

Headquartered in Irvine, California, VIZIO is a leading HDTV brand in America and the #1 Sound Bar Brand in America. VIZIO's mission is to deliver high performance, smarter products with the latest innovations at a significant savings that we can pass along to our consumers. Our loyal following and industry-wide praise continues to grow as we redefine what it means to be smart.

VIZIO, Inc. is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.

We do not accept unsolicited agency resumes. We will not pay fees to any third-party agency, outside recruiter or firm without a mutually agreed-upon contract and will not be responsible for any agency fees associated with unsolicited resumes. Unsolicited resumes will be considered our property and will be processed accordingly.