Senior Information Security Risk Analyst
Broomfield, CO

Job Description

As a leading provider of global information security solutions, Code42 secures the ideas of more than 50,000 organizations worldwide, including the most recognized brands in business and education. Because Code42 collects and indexes every version of every file, the company offers security, legal and IT teams total visibility and recovery of data wherever it lives and moves. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, with offices in London, Munich, Denver and Washington, D.C. We are proud to be funded by Accel Partners, JMI Equity, NEA and Split Rock Partners.

Code42 is committed to providing all employees with engaging and challenging work, opportunity for growth, an equal voice to drive innovation, and an environment that cultivates authenticity. In return, we look for people who are inquisitive, enjoy solving complex problems, collaborate effectively, think creatively and provide diverse insights to help us all think better and differently. Come join us and #BeCode42

WHAT YOU'LL BE DOING:

Code42 is seeking a Senior Information Security Risk Analyst for our Information Security Risk Management team to help maintain our high standards of information security in a rapidly growing SaaS technology company. You will be responsible for leading internal information security consulting projects, executing security and privacy assessments of third party vendors, leading information security compliance efforts covering a variety of security frameworks and supporting sales teams by supporting security due-diligence efforts of our customers and prospects including audit requests and meetings with customers.

YOU'LL BE RESPONSIBLE FOR:

* Cloud and project security requirements delivery and validation
* Driving automation and efficiency into security processes including Consulting, Third Party Security, Compliance and Security Sales Support
* Providing analysis and support for external audits and compliance initiatives covering a range of information security frameworks that include, but are not limited to, NIST, SOC2, FedRAMP, ISO, PCI-DSS, etc.
* Articulating Code42's security posture to customers and prospects
* Supporting the Insider Threat Program
* Being a key partner for our Sales team by supporting customer / prospect security due diligence efforts, including forma and ad-hoc security inquiries and supporting customer security meetings customers and prospects
* Executing third party security assessments of new and existing vendors
* Documenting security findings and risks, as well as the recommendations for remediation
* Assisting with building and maintaining state of the art security program
* All other duties as assigned

SKILLS AND REQUIREMENTS:

* Bachelor's Degree in relevant discipline
* 5 or more years' experience in information security and risk management
* Strong analytic and critical thinking abilities
* In depth knowledge of audit processes and a variety of security frameworks
* Excellent verbal and written communication skills
* Strong understanding of security controls, frameworks and practices

PREFERRED:

* Experience in the SaaS product technology industry
* Experience with AWS and other major public cloud environments
* SecDevOps Experience
* Experience with security tools and penetration testing
* Experience with NIST and FISMA federal security standards
* Coding Experience