Qualcomm IT Security Engineer, Sr. Staff (Risk Management) in San Diego, California

Job Description:

Job Title

IT Security Engineer, Sr. Staff (Risk Management)

Qualcomm Incorporated

Information Technology

Job Area

Information Technology


California - San Diego

Job Overview

The Information Security & Risk Management organization is looking for an individual to enhance our cyber security risk management and regulatory compliance. The role will evangelize security risk management practices and compliance activities, and provide internal consulting to the business. You will partner with various internal/external stakeholders and internal support organizations to ensure alignment and quality execution. In this role, you will work closely with a technical team, talking to clients, mentoring colleagues, and documenting processes.


  • Drive maturity to the risk management program using risk management frameworks (such as ISO 27005 and NIST 800-37 and 800-39)

  • Perform enterprise risk assessments and/or security audits

  • Enhance and maintain an enterprise Risk Register

  • Manage complex information security programs or projects related to risk management and compliance on a global scale with little to no direction

  • Present to stakeholders and executives on the health of the risk management program and compliance efforts

  • Monitor and ensure compliance with standards, policies, and regulations

  • Prepare security reports by collecting, analyzing, and summarizing risk trends and issues from the Risk Register, compliance metrics data, and exceptions to policies

  • Enhance capabilities to track current, new, and upcoming regulations, guidelines, and requirements that could impact risk management and compliance efforts

  • Champion information security in all lines of business and corporate functions

All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.

Minimum Qualifications

Bachelor's degree and 7+ years IT-relevant work experience OR 9+ years IT-relevant work experience without a bachelor's degree.

Preferred Qualifications

  • At least five years of hands-on information security experience in a large-sized enterprise IT environment with thorough understanding of risk management and compliance standards such as ISO 27001, NIST 800-37, NIST Cybersecurity Framework, EU privacy and data protection directives, and overall data privacy and protection requirements

  • Has exceptional communication skills and cross-functional relationship-building skills

  • Experience presenting to executive leadership

Other preferred skills include:

  • Experience in risk analysis models such as FAIR and Monte Carlo simulations

  • Ability to document, enhance, and create compliance metrics and Key Performance Indicators

  • Contractual reviews (from a security and privacy perspective)

Education Requirements

Bachelor's degree and 7+ years IT-relevant work experience OR 9+ years IT-relevant work experience without a bachelor's degree.

OCSP Certification preferred

EEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification.