One Trust Implementation Expert

Job Description

OneTrust Implementation Expert The Cybersecurity and Infrastructure Security Agency (CISA) has established the CISA Secure Software Development Attestation Form to ensure software producers follow secure development practices. This initiative stems from various executive orders and legislation, allowing government entities to request attestations from software vendors to promote better industry standards. Our Information Security and Risk Management (ISRM) organization is seeking a skilled OneTrust Implementation Expert to lead the implementation and optimization of our CISA Self-attestation assessment and evidence collection process. This role supports the production of self-attestation for our software. As an Implementation Expert, you will work with strategic stakeholders to define and implement an assessment in OneTrust, automating evidence production through existing organizational datasets. You will design and implement the assessment process, covering all necessary use cases from intake to fulfillment, to support the claims required by self-attestation. Are you passionate about transforming organizational processes into streamlined workflows? Do you thrive in leveraging cutting-edge technologies to drive innovation? Join our team to support the ISRM organization with operational insights and business intelligence. Be at the forefront of transformation and shape the future of our security and compliance practices. As an Implementation Expert, you will build and maintain robust solutions that power our analytics and drive informed decision-making. About Role In this role as a OneTrust Implementation Expert, you will: Design, develop, and maintain OneTrust custom assessments and questionnaires. Collaborate with cross-functional teams to understand requirements and deliver solutions that meet business objectives. Include OneTrust best practices during the implementation of the solution. Manage the piloting and testing of the assessments implemented to ensure they meet requirements and expectations. Provide technical expertise and support to stakeholders, helping them leverage the platform and implementation to support their business need. Import new datasources in OneTrust to be consumed automatically in the assessments. Optimize data processes and workflows to ensure efficiency, reliability, and performance of the processes implemented. About You: Youre a fit for the role of OneTrust Implementation Expert if your background includes: Must Have Experience implementing custom GRC assessment processes in OneTrust. Understanding of OneTrust platform administration and configuration[ST1] . Experience consuming new datasources in OneTrust. Experience in developing and maintaining compliance documentation such as policies control matrices. Knowledge of security regulations and standards (e.g., ISO 27001, NIST, GDPR, CCPA). Experience with automation in general consuming APIs, with plus when the automation is related to security tooling. Proficiency in Microsoft 365 Power Platform, Python. Experience working with databases using SQL. Nice to Have Knowledge of NIST Secure Software Development Framework (NIST SSDF) & OWASP Software Assurance Maturity Model (SAMM). Knowledge of risk management methodologies (e.g., NIST Risk Management Framework). Experience in conducting cybersecurity risk assessments, certifications & audits, and gap analyses and developing risk mitigation strategies. Experience with Application Security and Software Engineering practices. Programming experience with Golang preferred. [ST1]Maybe to reformulate. It's about being able to set up forms and logic within OneTrust, more than managing the platform itself.