Sr Cyber Governance, Risk, and Compliance Analyst

F5-posted 4 days ago
Full-time • Mid Level
Hybrid • San Jose, CA
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Position Summary A Governance, Risk, and Compliance (GRC) Senior Analyst is a Cybersecurity professional responsible for the maintenance and support of Cybersecurity's many programs (including risk management, compliance, and vulnerability management) that meets the parameters prescribed by the Office of the CISO for the organization.

  • Assist with audit, risk management, and compliance program
  • Support and improve security, risk management, and control framework, including Secure Software Development Lifecycle and Data Security Posture Management
  • Monitor internal compliance against information security governance frameworks by conducting routine testing and internal control reviews as well as enterprise security risk assessments
  • Identify and communicate control gaps, evaluate management remediation action plans, and provide ongoing monitoring of resolution
  • Execute annual assessment program including customer and external compliance assessments (ISO 27001/17/18, IT SOX, SOC 2, FedRAMP, HIPPA and PCI-DSS) and required vulnerability assessment, including remediation activities
  • Maintain awareness of external regulations and industry standards for new or modified requirements (FedRAMP, GDPR, PCI-DSS, CCPA, NIST 800-53, ISO 27001, etc.)
  • Perform assessments of supporting third parties to evaluate current security posture and monitor ongoing adherence to F5's information security requirements
  • Assist with management of the security assessment program
  • Lead and improve supporting of security assessments, including third-party security assessment and customer security questionnaires.
  • May assist with performing legal security reviews of contracts on request of Legal department.
  • May work with external vendors to perform assessments (i.e., pen testing, assessments) as directed.
  • Develop knowledge pertaining to Threat Model Assessments
  • Assist with management of the vulnerability management program
  • Review and analyze highly complex remediation of findings.
  • Monitor, notify and/or assist with remediation steps for identified vulnerabilities.
  • Engage with stakeholders to address outstanding vulnerabilities.
  • May assist with reporting on status of program to Cybersecurity Leadership or other management teams.
  • Performs other related duties as assigned.
  • Expert familiarity with systems and network infrastructure security technologies, including application/OS hardening techniques, network protocols, network & application firewalls, intrusion detection systems.
  • Expert hands-on familiarity with security risk-assessment tools & techniques (vulnerability testing, penetration testing, social engineering, etc)
  • Excellent program/project management abilities.
  • Recognizes that policies must be conceived and implemented in the context of a dynamic, customer-oriented, for-profit business environment
  • Excellent written & verbal communications; superior interpersonal, planning, documentation, organization, and problem solving skills.
  • Expert ability to act independently; interface with people at all levels in the company, and take initiative to engage internal & external personnel/services to ensure effective & reliable systems.
  • Proven initiative to engage internal & external personnel/services to ensure effective & reliable systems.
  • BS/BA or equivalent work experience in security related field
  • 8+ years of relevant work experience
  • 6+ years working experience as a security analyst or equivalent
  • Industry relevant certifications such as CISSP, CRISC, CISA, CISM, CGEIT, etc.
  • Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001
  • Foreign language skills a plus
  • Proven experience influencing a team to achieve positive results
  • We offer work/life integration programs like Freedom to Flex, dynamic employee inclusion groups, paid maternity/paternity leave, tuition assistance for professional development, a comprehensive mentoring program, rewards/recognition, and so much more.
Track Jobs with Teal

Job Search Resources

Resume Builder
Compliance Analyst Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service