Job Title

Information Security Analyst

Duties

  • Research, collect data, and create high quality security and operational documentation.
  • Prepare Security Policy Documents, Security Procedure Documents, System Security Plans, System Design Documents, Data and Information Flows, and System Configuration Settings Documents.
  • Articulate how systems are designed with security and articulate the configuration/setting related to every control and policy in compliance frameworks such as SOC2, SOC3, FedRAMP, ISO27001, CUI, and GDPR.
  • Implement and convert security tools and technologies into auditor, business, and executive facing security documents.
  • Create consistent, cohesive content, and documentation for customer audits, third-party assessments, and compliance.
  • Work with developers, QA, PMs, auditor, and information security people to gather required artifacts and document evidence.
  • Create internal and external documents and content to explain complex security information in a clear and concise manner.
  • Create a process to support and maintain currency of documentations in response to industry, regulatory, or product changes.
  • Conduct discovery and research to determine required changes to existing assets, assess which assets are impacted by changes, and draft new language to incorporate into assets.
  • Support teams with cloud security, DevOps, and DevSecOps documentation.
  • Interpret security industry standards (ISO 27001/27002, NIST 800 series, NIST CSF, COBIT).
  • Build an InfoSec Management System and/or program.
  • Assist in third-party audit process and articulate auditing gaps.
  • Be responsible for system security, controls or information security management environment, specifically in one or more of the following information security domains: Security Architecture and Strategy (Integrated Risk Management); Identity & Access Management; Data Leakage Prevention (DLP); Cloud Access Security Broker(CASB); SIEM; Focus on Data Flow, Encryption; Large Complex Program Execution/Implementation; Security Function Design and Governance; Incident Management; and Security Infrastructure.

Requirement

Applicants must have a bachelor’s degree or foreign equivalent in Computer Science, Computer Applications, Information Technology, Computer Information Systems, Engineering (any), or related fields. We will accept a combination of education and experience equivalent to a U.S. bachelor’s degree as determined by a qualified evaluation service.

Mail resume to HR, 1551 McCarthy Blvd., Suite 215, Milpitas, CA 95035