Security Analyst/Engineer
San Mateo, CA

Job Description

Lattice Engines is the leading provider of business intelligence for marketing and sales automation, and is expanding our cyber-security team! Join our cross-functional team as we grow and integrate with our new parent company Dun & Bradstreet. You will be based in the San Mateo office working closely with our teams that support security initiatives in AWS Operations, Information Technology, Software Development, and Quality Assurance. We value our ISO and other certifications, compliance practices, and being responsive to our Sales team and customer security inquiries. Security is one of our competitive advantages!

This is a hands-on role that affects all facets of our organization and business growth. You will assess risks, recommend security practices, collaborate with teams, implement improvements, monitor our internal practices, and represent the company externally as needed. Security is risk-based as such we have to set priorities, make trade-offs that support the business needs, be persistent yet patient, and champion security best practices.

REQUIREMENTS

* Bachelor of Science degree in a technical discipline (security, computers, engineering, etc.)
* Security certification from (ISC)2, SANS, or other reputable security training organizations
* Ability to multi-task and work quickly while maintaining correctness and communication quality
* Good written and verbal communication as we interact with many groups within the company, our customers, and third-party suppliers
* Desire to continually learn new security skills and improve our security posture to reduce the risk to the company and our customers

DESIRED SKILLS AND EXPERIENCE

* Successful ISO 27001 certifications including having been a key contributor in organizing aspects of the audit and evidence collection
* Successful SOC2 Type 2 attestations including having been a key contributor to the documentation and evidence collection
* Successful Privacy Shield certifications including having been a key contributor in the audit process and privacy policy changes
* In depth knowledge of the GDPR and CCPA regulations and implementing controls in an enterprise software application company
* Familiarity with OWASP and SANS best practices as applied to a cloud-hosted web application
* Knowledge and experience with network and application security practices and penetration testing tools and techniques
* Experience with security tools in AWS (Amazon Web Services) including evaluation, recommendation, and managing with Operations