Infoblox is seeking an Information Security Compliance Analyst that will assist with the attainment and maintenance of controls and documentation needed for SOC2 and SOX certification. This position is based in Tacoma, WA and reports to the CISO, who is located in our Santa Clara, CA office.
The main responsibilities of this analyst include working with the Business to document risks and improvement plans. This Analyst will also assist in the measurement, improvement, and reporting of the maturity and effectiveness of the control environment as measured by NIST CSF, COBIT, and other assessment models.
This analyst will also participate in the evaluation, control, and reporting of 3rd party vendor risk as well as assist in the responses to the security portions of inbound RFPs. There are on-going opportunities to improve and automate these processes. Previous experience with these tools is a plus.
At Infoblox, we are taking a fresh and innovative approach to control, analyze, and secure networks by intelligently managing core network services (DNS and DHCP).
* Partner cross-functionally across the company to improve and document compliance with security controls (NIST CSF, SOC2, SOX, etc.)
* Write technical documentation and maintain knowledge of Cloud and Security concepts
* Interview subject matter experts and use the knowledge obtained to develop, edit, and revise documentation including standard operating procedures, system security plans, policies, and procedures
* Produce and/or edit technical drawings using MS Visio or similar design tools
* Write, edit, and/or manage a wide variety of IT security documentation related to SOC2 and SOX certification standards
* Perform 3rd party vendor risk assessment
* Manage the Security Portion of Inbound RFP responses
* Build/manage automation tools to assist with effective RFP handling, including response and risk reporting
* Minimum of 3 years working in a compliance team
* Demonstrated knowledge of both SOC2 and SOX audits and controls
* Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
* Demonstrated strong verbal and written communication skills as well as strong analytical and problem-solving abilities
* Excellent English language, grammar, and spelling skills for writing, editing, and proofreading
* Ability to work independently or as a member of a team on various tasks
* Skilled at organizing and translating information into clear written documentation; while articulating complex concepts and processes in writing
* Proven ability to effectively research subject matter
* Demonstrated ability to work well under tight deadlines and effectively interact with a wide range of personnel
The ideal candidate will possess…
* Familiarity with other compliance and risk management frameworks, such as SOC2, SOX, ISO27001, ITIL, Cloud Computing Security Requirements Guide (SRG)
* Strong governance, risk and compliance exp
* Industry certifications CISSP, CISM, GIAC
* 4-year college degree preferred
It's an exciting time to be at Infoblox. We are the market leader in Technology for network control. Our success depends on bright, energetic, talented people who share a passion for excellence in building the next generation of networking technologies-and having fun along the way. Infoblox offers a fast-paced, action-oriented environment. We promote a culture that embraces innovation, change, teamwork, and strong partnerships. Join the winning Infoblox team-our future looks bright, and so will yours. To check out what it's like to be a Bloxer click here.
Infoblox is a company developing network identity solutions enabling businesses to automate network control functions to reduce costs and boost security.