Senior Security Technical Compliance Analyst
We are seeking a Senior Security Technical Compliance Analyst (FedRAMP) to join the Technical Compliance team for Zoom for Government. This role will be instrumental in leveraging the large data sets that we have to drive higher levels of security posture and configuration consistency for the Zoom infrastructure, and to mature the operational rigor of our processes. The successful candidate will be part of the growing Technical Compliance team for Zoom for Government, and will work with operations teams across the Zoom global organization and with security operations teams to expand our collaboration and enhance the data pipelines for deeper insights to drive remediation plans.
Validate and drive remediation of discovered vulnerabilities
Build the bridges between security and compliance by working directly with our operations teams, infrastructure teams, security teams, related Zoom teams, and Government authorizing officials
Interact with senior levels of government agencies
Develop long-term projects and define processes and methods to ensure execution and productivity across multiple internal and external stakeholders, including customers and regulatory agencies
Conduct security assessments, significant change requests, and attestations
Work as an internal auditor for the organization’s infrastructure and services
Develop technical knowledge of control implementation
Improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness
Communicate requirements effectively to internal and external stakeholders
Act as liaison between agencies/auditors and the internal team regarding compliance issues and solutions
Support the security operations team in resolving audit and vulnerability findings
Meet regularly with other technical teams to follow up with patching cadence
Implement automated monitoring and alerting on continuous compliance tasks
Report continuous monitoring documentation to associated organizations (FedRAMP, StateRAMP, DISA) on a monthly basis
Effectively recognize threats by performing relevant research and data analysis
Report security incidents
Active US citizenship.
B.S. or M.S. in Computer Science, Cybersecurity or Information Security, or relevant experience.
Knowledge of or experience in working with and/or managing vulnerability scanners such as Tenable, Prisma, Burp Suite, etc.
Experience working with/in ServiceNow.
Experience in security compliance frameworks such as FedRAMP, NIST/DoD RMF, and NIST SP 800-series publications.
Experience in working with testing tools such as Nessus, DISA STIGs / STIG Viewer, etc.
Knowledge of desktop, server, mobile operating systems and cloud computing providers.
Ability to plan, organize, prioritize, work independently and meet deadlines.
Deep understanding of OWASP Top 10, and specifically A06:2021 Vulnerable and Outdated Components
Knowledge or experience with container management tools such as Docker, Amazon ECS, Kubernetes or equivalent implementations
Knowledge of multiple cloud computing providers such as AWS, OCI, etc.
Experience in the public sector space
Salary Range or On Target Earnings:
In addition to the base salary and/or OTE listed, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value.
Information about Zoom’s benefits is on our careers page.
Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.
We also have a location based compensation structure; there may be a different range for candidates in this and other locations.
Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.
We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.
We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.