MRI Software LLC is a leading provider of innovative software solutions for the global real estate industry. MRI delivers a comprehensive and truly configurable solution, from property-level management and accounting to the most complex, long-range financial modeling and analytics for both the commercial and multifamily real estate markets. As a leading provider of real estate enterprise software applications and hosted solutions, MRI leverages over 40 years of business experience to develop long-term successful relationships with its clients. Originally founded in Cleveland, Ohio, U.S.A., the company has offices in Toronto, London, Sydney, Singapore, and Hong Kong.
The compliance specialist’s role is to review MRI’s business practices to ensure that they are following pertinent regulations, adhere to industry best practices, and align to common security standards. Compliance specialists achieve their goals among other ways, by auditing and evaluating various business functions. While the focus is on cyber security and understanding and evaluating MRI’s security posture, risk appetite, and analyzing how MRI can improve, there is an element of the role that focuses on less technical business practices too.
- Works with business stakeholders for a variety of audits related to IT general controls, application controls, information security, and business functions.
- Assists with client and internal questions related to compliance, privacy, and security matters.
- Creates, updates, and assesses entries to MRI’s risk register
- Follows up with internal and external parties as required to ensure timely actions are completed for corrective actions
- Drafts, updates, archives, and circulates policies and other security documentation for internal and external parties
- Creation and compilation of detail-oriented minutes, data collection analysis, and action lists to support meetings, audits, and incident response efforts
- Assists with the maturation of MRI’s overall security strategy with internal teams, industry best practices, and global legislation, including but not limited to SOC 1, SOC 2, ISO 27001, NIST, and other standards
- Works with teams in the development and oversight of mitigation plans relating to information security risk, audits, and policy findings
- Contribute to vendor security risk assessments and provide risk-based recommendations to the organization in evaluating the company’s risk posture
- Assists with the development and delivery of enterprise-wide security awareness initiatives
- Build a stronger, collaborative partnership with security, infrastructure, legal, audit and IT teams
- Professional experience and familiarity with one or more: ISO 27001, ISO 9001, CE+, SOC 1, SOC 2, PCI DSS, and other auditing standards.
- Professional experience and familiarity with one or more: NIST, CIS, SANS, ISO, FedRAMP, and other cybersecurity frameworks.
- Working knowledge of major international, national, and state level security and privacy regulations, practices, and standards.
- Solid technical background with an applied understanding of common types of security risks and mitigation strategies
- Experience with vendor risk management and performing security risk reviews
- Ability to work with teams that are geographically distributed and work across different time zones