Listing Description
Duo is on a mission to end the era of passwords and democratize advanced security technologies to protect everyone, not just the Fortune 500s. We're solving the biggest security challenges in the industry and want you to join us for the ride!
Security is critical for us - it's in the name, after all - so we're looking for a Security Compliance Analyst to help us build trust and ensure compliance.
Responsibilities include:
* Recommend and help develop appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization and assist IT process owners in the creation and maintenance of these policies/procedures.
* Provide approved responses to client compliance inquiries and maintain library of responses.
* Work closely with departments, SMEs, vendors, & auditors/assessors to continuously identify and manage risks while ensuring readiness to satisfy internal & external audit requirements.
* Work with various departments to ensure controls-related documentation in support of information assurance and compliance activities is maintained.
* Coordinate evidence gathering within Security and all business units
* Work directly with auditors
* Provide support for internal Security Awareness and continued employee education.
Qualifications:
* 3 - 5 years of information security experience required
* 3 - 5 years of experience with information technology audits and assessments preferred
* Familiarity with privacy laws, data protection/security regulations, and frameworks, such as BITS, SOC 2, NIST 800-53, FedRAMP
* Prior experience evaluating and reporting on SOC 2 and PCI DSS compliance requirements
* Negotiation skills needed to obtain commitments to remediate risks and vulnerabilities from leadership of other teams
* Familiar with and able to apply generally-accepted security methods, concepts and techniques
* Excellent communication, listening and facilitation skills, and a drive to teach.
* Excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues and obstacles
* Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders
You also:
* Are ready to take on just about anything, and figure things out one way or another
* Care about contributing to an amazing work culture and environment
* Are comfortable with the rapid, unpredictable nature of a tech startup
* Prefer trying and failing to getting it perfect the first time
* Enjoy hacking the planet
Feel free to apply directly at https://duo.com/about/careers/job/483765Recommend and help develop appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization and assist IT process owners in the creation and maintenance of these policies/procedures.
Provide approved responses to client compliance inquiries and maintain library of responses.
Work closely with departments, SMEs, vendors, & auditors/assessors to continuously identify and manage risks while ensuring readiness to satisfy internal & external audit requirements.
Work with various departments to ensure controls-related documentation in support of information assurance and compliance activities is maintained.
Coordinate evidence gathering within Security and all business units
Work directly with auditors
Provide support for internal Security Awareness and continued employee education.
Listing Details
- Salary: $70000 - $90000
- Citizenship: Us Citizen
- Incentives: Both
- Education: High School Diploma
- Travel: Travel 25
- Telework: Optional Telecommute