JOB DESCRIPTION

Information Systems Security Officer - Hybrid - Irvine, CA 

Salary: $120k-140k

COMPANY

Qmerit, headquartered in Irvine, California, simplifies the adoption of electrification products for single and multi-family residential and small business markets. A leader in green energy transformation, the company provides value-driven services throughout the renewable energy equipment implementation lifecycle. This is delivered through Qmerit’s network of company owned contractors, value added resellers and independent certified service providers, skilled in system application and integration as well as ongoing maintenance. Combining this nation-wide network of certified electrical contractors with the company’s digital managed services platform and white-glove concierge services. Qmerit delivers customers an unmatched quality experience when installing electric vehicle (“EV”) charging stations and integrating to battery storage, solar systems, emergency power and microgrid solutions.
JOB SUMMARY

We are seeking a dedicated and experienced Information Systems Security Officer (ISSO) to join our team in California. The ideal candidate will have a minimum of 5 years of experience in the field and a robust understanding of governance, risk, and compliance (GRC), SOC2, vulnerability management, incident response, policy and procedure writing, and Microsoft Azure security.

RESPONSIBILITIES

• Develop, implement, and maintain security policies, standards, and procedures in alignment with organizational goals and regulatory requirements.
• Conduct regular risk assessments and vulnerability assessments to identify and mitigate security risks.
• Manage and oversee the SOC2 compliance process, ensuring that all security controls are effectively implemented and maintained.
• Lead incident response activities, including detection, analysis, containment, eradication, and recovery.
• Collaborate with cross-functional teams to integrate security measures into all aspects of the organization’s IT infrastructure and DevSecOps.
• Provide guidance and support for Microsoft Azure security, ensuring that cloud-based systems are secure and compliant.
• Maintain and co-manage security awareness training for employees to promote a culture of security within the organization.
• Stay current with the latest security trends, threats, and technology solutions to ensure that the organization’s security posture remains robust.

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, with a focus on governance, risk, and compliance, SOC2, vulnerability management, incident response, policy and procedure writing, and Microsoft Azure security.
• Strong understanding of information security principles, frameworks, and best practices.
• Experience with risk management tools and methodologies.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, or CISA are preferred.

• Experience with security tools and technologies, including SIEM, IDS/IPS, and DLP.
• Familiarity with other compliance standards such as SOC2, PCI-DSS, and NIST.
• Experience in a cloud-based environment, particularly with Microsoft Azure.
• Experience in translation of security controls into actual implementation at various technical levels, coordination with 3^rd party vendors, and managing compliance objectives.

• This is a full-time position based in California. Remote work may be considered for highly qualified candidates.
• Occasional travel may be required to support our subsidiaries and for both training and professional development, up to 15%.