MRI Software LLC is a leading provider of innovative software solutions for the global real estate industry. MRI delivers a comprehensive and truly configurable solution, from property-level management and accounting to the most complex, long-range financial modeling and analytics for both the commercial and multifamily real estate markets. As a leading provider of real estate enterprise software applications and hosted solutions, MRI leverages over 40 years of business experience to develop long-term successful relationships with its clients. Originally founded in Cleveland, Ohio, U.S.A., the company has offices in Toronto, London, Sydney, Singapore, and Hong Kong.
· Help align our security strategy with internal teams, industry best practices, and global legislation, including but not limited to SOC 1, SOC 2, ISO 27001, NIST 800-53 standards
· Assist in developing, maturing, maintaining, and testing business continuity plan, disaster recovery plan and incident response plan
· Assists in the development and oversight of required mitigation plans relating to information security risk and policy exceptions
· Professional experience in achieving ISO27001 certification and exception-free SOC audits
· Assists with the development and delivery of enterprise-wide security awareness initiatives.
· Conduct vendor security risk assessments to provide risk-based recommendations to the organization and evaluate the company’s risk posture.
· Contribute to the preparation and maintenance of Standard Operating Procedures (SOP), Troubleshooting and Knowledge Base documentation
· Participate in execution of annual audit(s) with vendor and internal personnel
· Follow defined processes for workflow, incident and change management, participating and highlighting potential improvements.
· Detailed and thorough documentation of all tasks.
· Foster a strong, collaborative partnership with Security, Infrastructure, Legal, Internal Audit, and IT teams
· Create, contribute to, and update periodic policy review, risk reports, metrics, and presentations
· Good academic background with a degree or equivalent experience in Information Technology.
· 1-3 years’ experience in IT operational environments, including experience with audits, compliance, and risk.
· Experience in various security standards/frameworks such as NIST, ISO27001 or ISO20001, SOC, FedRAMP, etc.
· Must be detail-oriented, highly analytical, and have strong organizational and problem-solving skills.
· Excellent interpersonal and communication skills (verbal and written) with the ability to work both independently and as part of a team
· Good understanding of control and risk management frameworks (NIST) and fundamentals, with hands on experience with IT Risk Management systems