Be an early applicantLess than 25 applicants

Company

Zoom · 5 hours ago

Compliance Analyst

United States

Full-time

Remote

Mid Level

$77K/yr - $186K/yr

Maximize your interview chances

CollaborationInformation Technology

No H1B

U.S. Citizen Only

Security Clearance Required

Insider Connection @Zoom

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Validate and drive vulnerability remediation for discovered vulnerabilities.

Build the bridges between security and compliance by working directly with operations teams, infrastructure teams, security teams, related Zoom teams, and Government authorizing officials.

Interact with senior levels of government agencies.

Conduct security assessments, significant change requests, and attestations.

Work as an internal auditor for the organization’s infrastructure and services.

Develop technical knowledge of control implementation.

Improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness.

Communicate requirements effectively to internal and external stakeholders.

Serve as a liaison between agencies/auditors and internal teams regarding compliance issues and solutions.

Support the Security Operations team in resolving audit and vulnerability findings.

Meet regularly with technical teams to follow up on patching cadence.

Implement automated monitoring and alerting on continuous compliance tasks.

Report continuous monitoring documentation to associated organizations (FedRAMP, StateRAMP, DISA) on a monthly basis.

Effectively recognize and mitigate threats by performing relevant research and data analysis.

Report security incidents.

Perform other duties as needed.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Vulnerability ScannersSecurity Compliance FrameworksTesting ToolsComputer ScienceCybersecurityInformation SecurityOperating SystemsCloud ComputingOWASP Top 10Container Management ToolsTenablePrismaFedRAMPNIST RMFNIST SP 800-seriesNessusDISA STIGsCISSPCISMCEHDockerAmazon ECSKubernetesAWSOCIPublic Sector ExperienceSecurity ClearanceLinuxEngineering Background

Required

B.S or M.S in Computer Science, Cybersecurity, Information Security, or related field, or equivalent relevant experience.

Knowledge or experience with vulnerability scanners such as Tenable, Tenable WAS, Prisma, etc.

Experience with security compliance frameworks such as FedRAMP, NIST/DoD RMF, and NIST SP 800-series publications.

Experience working with testing tools such as Nessus, DISA STIGs / STIG Viewer, etc.

Knowledge of desktop, server, mobile operating systems, and cloud computing providers.

Ability to plan, organize, prioritize, work independently, and meet deadlines.

Must be a U.S. citizen or green card holder.

Preferred

Engineering background (such as Electrical Engineering, Software Engineering, Systems Engineering) is highly desirable.

Deep understanding of OWASP Top 10, specifically A06:2021 Vulnerable and Outdated Components.

CISSP/CISM/CEH certifications.

Experience with container management tools such as Docker, Amazon ECS, Kubernetes, or equivalent implementations.

Knowledge of multiple cloud computing providers such as AWS, OCI, etc.

Experience working in the public sector or with government clients.

Active Security Clearance.

Linux experience.

Benefits

Our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways.