- Job Type: Full-Time
- Function: IT
- Industry: Software
- Post Date: 01/20/2023
- Website: zenoss.com
- Company Address: 11305 Four Points Drive, Building 1, Suite 300, Austin, TX, 78726
- Salary Range: $50,000 - $150,000
About Zenoss: Helping the world's largest organizations ensure their IT services and applications are always on.
Building an exceptional company starts with the right people. Zenoss recruits and retains high caliber people with “can do” attitudes, creates an environment where they can innovate and achieve their best and rewards them for delivering superior results. Zenoss is an equal opportunity employer. We value an inclusive environment and encourage diversity in the workplace.
If you’re one of the “People Who Do,” and you’re ready to join a team that will make its mark around the globe, apply here.
As Security and Compliance Engineer, you will:
- perform a critical role in the company, managing risk and audit compliance, and maintaining and updating the company’s security posture in an ever-evolving regulatory and threat landscape
- have the skills to translate security standards and regulatory criteria into software product functions, cloud infrastructure architecture, and operational processes
- conduct periodic internal audits and coordinate with third party auditors to facilitate audit compliance and work with internal leaders to modify and elevate internal controls
- directly oversee risk assessment management processes and partner with cross functional leaders to identify risks and collectively present them to executive leadership
- help develop and maintain data flow documentation, privacy policies, and associated processes to ensure compliance with data privacy regulations
- ensure efficient knowledge management of company processes, security details, and product features to enable rapid response to external parties evaluating Zenoss
This is an ideal role for a self-motivated professional with a passion for technology, security, and audit compliance.
This position can be Remote (Work from Home) or work out of our Austin, TX office.
- Maintain working knowledge of SOC 2, ISO-27001, NIST Cybersecurity, global privacy regulations and frameworks
- Demonstrate the ability to assess and understand security, compliance and legal frameworks and their implications for Zenoss Inc.’s business
- Participate in planning sessions with small and large cross-functional teams
- Ensure global cloud operations maintain security and compliance as they evolve and scale
- Develop and maintain a working knowledge of Zenoss products and services
- Collaborate with Engineering and Product Management to ensure security and compliance feedback is incorporated into the product development lifecycle
- Work with cross-functional teams to translate risk assessment findings and security, data privacy, and compliance controls into actionable tasks
- Partner with Operations teams to conduct vulnerability management, coordinate penetration testing, and maintain business continuity plans
- Maintain compliance with audit requirements and conduct security assurance actions for cloud environments
- Demonstrate good leadership by providing an objective, high energy, consistent work ethic
- Ensure integrity and adherence to configuration management and change control processes and procedures
- Carry out and assist with crafting policies and procedures as established by the team, department or management
- Conduct internal audits, maintain appropriate documentation, and manage 3rd party audit relationships
- Demonstrate excellent verbal and written skills in providing security responses to customers and other third parties
- Review existing and potential vendor and partner relationships for audit and data privacy compliance and risks
Required Experience / Skills:
- Undergraduate degree in related discipline (IS/CS degree preferred)
- 5-10 years of progressively increasing hands-on professional experience with security compliance, preferably with a focus on production software operations environments
- Familiar with best practices in audit compliance, change management and security architecture; examples would be SOC2, FedRAMP, GDPR, NIST 800-53
- Knowledge of data privacy regulation and experience implementing controls
- Detailed knowledge of SOC Trust Services Criteria a plus
- Experience as liaison to 3rd Party Auditors a plus
- Experience with cloud services like AWS and GCP
- Strong verbal and written communication skills
- Project and task oriented with a focus on details
- Ability to proactively communicate detailed status to customers, leadership, and project teams
- Strong organization skills
- Ability to work both within a team and independently
- Ability to collaborate with team members and other departments
- Ability to make sound decisions based on compliance needs and technical knowledge
- Self-motivated and able to work under pressure to deliver high-quality solutions
- Detail oriented with excellent analytical skills
A candidate's Work Status is limited to only those legally authorized to work in the United States on a full-time basis without visa sponsorship.
No third-party candidates, please.
More about Zenoss: Individually Unique. Better Together. When we come together, we accomplish amazing things. Zenoss is an established company with a start-up, entrepreneurial environment. We have a collaborative culture that is focused around making our customers successful. One thing we're not is a new-kid-on-the-street startup. Founded in 2005, we're far removed from a few folks in a garage with one great idea. We are a midsize company filled with people who have proven work experience, are smart, nimble, and capable. We have credibility: Zenoss helps world-renowned enterprise customers run their IT infrastructure. Some of the most critical aspects of business rely on Zenoss. It's exciting to be part of growing and servicing these types of customers.