Unity Logo

Unity

Senior Information Security Technical Program Manager: Technical Security Audit and Risk Management

Posted 23 Days Ago
Be an Early Applicant
Bengaluru, Karnataka
Senior level
Bengaluru, Karnataka
Senior level
The role involves managing technical security audits, risk assessments, and compliance projects, driving initiatives for security certifications and frameworks like NIST. It requires collaboration with engineering teams and senior leadership on security strategy and remediation efforts, while staying updated with industry trends.
The summary above was generated by AI

The opportunity

Unity understands the significance of a solid Security Program. The Security Program is key to maintaining customer confidence in our products and is the pathway to a well-tuned, functional Information Security Management System, Compliance and Program. This will be a chance to work on real security problems in a fast-paced high growth business. The person in this role will be at the helm of critical security risk and compliance projects with major impact across the company. You will help Unity to obtain and maintain applicable security certifications. You will have input into the overall security strategy to guide our security policy and architecture in addition to driving security awareness and compliance across the business units.

What you'll be doing

  • Driving Technical audits and implementation of audit and control framework to monitor production environments for potential system integrity, cyber-risk exposure and control weaknesses
  • Perform security gap analysis and help define specific/technical remediation measures.
  • End-to-end project and program management : Manage audit and/or remediation projects. Produce high-quality deliverables, project material and audit documentation that are suitable for engineering teams, external stakeholders and auditors.
  • Guide and work with engineering and DevOps as they execute on risk remediation and novel solutions Work day-to-day with technical Security engineers and collaborate with them for driving project progress and resolving blockers
  • Be responsible for reporting on these projects to senior leadership. Effectively communicate not only with peers, engineers , devops, business development stakeholders, but also with VP and execs.
  • Operate and lead initiatives within a distributed team and collaborate with colleagues both local and remote, cross functionally and within your department. Stay updated on the latest industry trends and technologies to keep our services cutting-edge.

What we're looking for

  • Experience driving compliance or audit engagements (eg SOX or SOC 2 or PCI or ISO 27001). Experience conducting risk assessment on products and applications (in-house and/or third-party) to inculcate better security using NIST or Similar compliance frameworks..
  • Experience working on cloud service providers such as AWS/GCP/AZURE, and knowledge of cloud services and infrastructure
  • Experience in Vulnerability management ( Qualys/ORCA etc), Security Operations ( Logging and monitoring, SIEM and SOAR tools ) and Infrastructure Security.
  • Familiarty with SAST/ DAST tools
  • Exposure to distributed systems development and/or an understanding of container and orchestration technologies such as Docker, Kubernetes or Nomad.
  • Strong understanding of software development best practices and design patterns, a security and quality first mentality and approach (Secure Software development Lifecycle SSDLC)
  • Experience with one or more of the following: threat modeling, security reviews, vulnerability management, penetration testing, secure software development
  • Excellent project management skills and communication and collaboration abilities, adept at working with teams across various disciplines. Experience with process mapping (preferably on MS Visio / Lucidchart or equivalent). Excellent skills with excel and powerpoint.
  • Excellent communication skills and experience collaborating with cross functional teams, driving for alignment on key decisions, effective communication with project participants and leadership

You might also have

  • Professional certifications in security, privacy risk management, and audit areas are a plus, such as PMP, CISA, CISM, CISSP, or CIPT.
  • Experience with Unity, Unreal, or other game engines
  • Experience working within an Agile environment (SCRUM/Kanban/XP) and leading work within teams

Additional information

  • Relocation support is not available for this position.
  • International relocation support is not available for this position.
  • Work visa/immigration sponsorship is not available for this position.

Life at Unity

Unity [NYSE: U] is the world's leading platform of tools for creators to build and grow real-time games, apps, and experiences across multiple platforms. Creators, ranging from game developers to artists, architects, automotive designers, infrastructure experts, filmmakers, and more, use Unity to bring their imaginations to life across multiple platforms, from mobile, PC, and console, to spatial computing.

As of the fourth quarter of 2023, more than 69% of the top 1,000 mobile games are made with Unity as derived from a blended number of the top 1,000 games in the Google Play Store and iOS App Store. In 2023, Made with Unity applications had an average of 3.7 billion downloads per month. For more information, please visit www.unity.com.

Unity is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. Therefore, we provide employment opportunities without regard to age, race, color, ancestry, national origin, disability, gender, or any other protected status in accordance with applicable law. If there are preparations or accommodations we can make to help ensure you have a comfortable and positive interview experience, please fill out this form to let us know.

This position requires the incumbent to have a sufficient knowledge of English to have professional verbal and written exchanges in this language since the performance of the duties related to this position requires frequent and regular communication with colleagues and partners located worldwide and whose common language is English. Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. Unity does not accept unsolicited headhunter and agency resumes. Unity will not pay fees to any third-party agency or company that does not have a signed agreement with Unity.

Your privacy is important to us. Please take a moment to review our Prospect and Applicant Privacy Policies. Should you have any concerns about your privacy, please contact us at [email protected].

#SEN

Top Skills

AWS
Azure
Docker
GCP
Kubernetes

Similar Jobs

TransUnion Logo
TransUnion

DVP - IT Audits

Be an Early Applicant
6 Hours Ago
World Trade Center, Yeshwanthpur, Bengaluru Urban, Karnataka, IND
13,000 Employees
Senior level
Apply
13,000 Employees
Senior level
Big Data • Fintech • Information Technology • Business Intelligence • Financial Services • Cybersecurity • Big Data Analytics
The DVP - IT Audits position at TransUnion involves planning, executing, and reporting on IT audits, while developing control strategies and ensuring compliance with policies. Responsibilities include overseeing IT audits, identifying risks, automating audit processes, and engaging with employees at all levels. The role also involves mentoring and collaboration on best practices.
UL Solutions Logo
UL Solutions

Internal Auditor

6 Hours Ago
Bangalore, Bengaluru, Karnataka, IND
Hybrid
15,000 Employees
Mid level
Apply
15,000 Employees
Mid level
Automotive • Professional Services • Software • Consulting • Energy • Chemical • Renewable Energy
The Internal Auditor plans and executes financial and operational audits to assess internal controls and identifies issues for improvement. This role involves developing audit reports, coordinating with external auditors, and conducting risk assessments. The auditor also gathers data through analysis and testing to recommend enhancements that add value to the organization.
Motorola Solutions Logo
Motorola Solutions

IT Directory Infrastructure Specialist

Be an Early Applicant
13 Hours Ago
Bangalore, Bengaluru, Karnataka, IND
Hybrid
21,000 Employees
Senior level
Apply
21,000 Employees
Senior level
Artificial Intelligence • Hardware • Information Technology • Security • Software • Cybersecurity • Big Data Analytics
As a Directory Infrastructure Specialist, you will maintain the health and security of the Active Directory environment, manage user access, and implement security measures. Responsibilities include monitoring system performance, managing GPOs, and coordinating with IT security teams to ensure compliance. You'll also develop disaster recovery plans and stay updated on directory integrations and best practices.

What you need to know about the Bengaluru Tech Scene

Dubbed the "Silicon Valley of India," Bengaluru has emerged as the nation's leading hub for information technology and a go-to destination for startups. Home to tech giants like ISRO, Infosys, Wipro and HAL, the city attracts and cultivates a rich pool of tech talent, supported by numerous educational and research institutions including the Indian Institute of Science, Bangalore Institute of Technology, and the International Institute of Information Technology.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account