Information Security Analyst

Santa Clara, California

 The CISO Cyber Assurance Team is responsible for providing assurance to enterprise and government customers to exhibit Company's established policies, programs and processes that secure customer data and systems. You will be responsible for driving business partnership with V teams such as Legal, Sourcing, Client Accounts, Sales and other security organizations. You will educate, influence and drive alignment to security policies and programs to ensure Company is meeting the needs of our customers. You will support the strategic direction to inject strong cyber security practices into future business projects and processes across the enterprise.

You will support the framework and workflow which drives the Customer Information Security Assurance Program by:

  • Maintaining and organizing existing information security documentation and standards.
  • Answering detailed questionnaires regarding Company's security standards, controls and practices.
  • Monitoring the case queue and responding to various types of customer cybersecurity inquiries.
  • Ensuring the concise, accurate and timely delivery of information about Company’s security practices to customers during customer audits and normal inquiries.
  • Participating in legal contract negotiation and evaluating the related risks of the language as related to Corporate Information Security.

You will maintain and participate in strategic partnerships with other business units, influencing the implementation of security practices into their processes and procedures by:

  • Providing guidance to associated customer engagement teams to deliver accurate information security assurance to customers.
  • Engaging teams throughout Company to identify evidence of controls when needed.

You will serve as an important Cyber Assurance Security liaison and SME for client account teams by providing counsel and guidance on customer security concerns, requests, responses and other security communications to customers by supporting:

  • The creation of presentations which deliver key messages to senior leadership teams, business partners and customers.
  • Solutions to address gaps in customer requirements and partnering with stakeholders to modify and drive continuous improvement.
  • The day to day education and awareness of Company security practices for customers and advocate for customer security requirements within Company.
  • A comprehensive communications plan with information about risks to the business and customers.
  • The accurate recording and maintenance of metrics to demonstrate volume, value and trending of customer assurance activities.

What we’re looking for...


You’ll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Experience in Information Security, Technology or Technical Risk Analysis.

Even better if you have:

  • A degree.
  • One or more of these preferred security certifications: CISSP, CISA, CISM, CRISC.
  • Risk/ threat analysis, technical security assessment, controls mitigation and issues remediation experience.
  • Experience in communicating with customers and resolving issues and requests quickly and efficiently.
  • Experience in negotiating legal contractual language.
  • Experience with ISO 27001-2, SIG, NIST CSF/800-53, SoC 2 and other similar controls standards.
  • Technical related experience and business operations experience.
  • Ability to communicate well in both verbal and written forms.
  • Ability to manage multiple engagements concurrently.
  • Ability to prioritize work and demonstrate well developed organization skills.