Monday, June 8, 2020

Information Security Analyst

Title: Information Security Analyst
Location: Sunnyvale, CA
Duration: 6+ months
Client: Direct Client
 
This information security analyst will understand ***'s governance, risk and controls strategy for information security and product security and will be responsible for documenting the security policies, security procedures, product architecture topology diagrams and data flows, security controls definition and implementation details. This person will also closely work with the security and product engineering staff members to assess the current state and maturity of various controls, find gaps and define roadmap to address those gaps. The analyst will mainly focus on security-related documentation required for internal and external/audit consumption to obtain industry certifications like PCI-DSS compliance, ISO 27001, SOC2 and SOC3 certifications and other similar regulatory certifications. This person will also focus on enabling *** to be an integral member of Cloud Security Alliance (CSA) and submit the self-assessment documents.

The analyst must have deep understanding of technologies, tools and architecture related to Threat and Vulnerability Management, DevSecOps, Customer Facing IAM, Employee facing IAM, infrastructure security, data security and security intelligence involving SIEM tools implementation and SOC functions. Excellent verbal and written communications are required. The security analyst should have deep understanding of business context of IaaS PaaS and SaaS cloud offferings and what it takes to secure these product offerings. The analyst should also be able to translate the security implementation into risk and governance language for consumption by legal, privacy,. internal audit and external auditors. The analyst should also understand NIST and COBIT control framework and should have prior experience of helping an organization go through the certification process for certifications like ISO 27001 SOC2 etc. Knowledge of and experience in ITSM business processes and the corresponding documentation is required.
 

Mayuri Shende
mayuri@amiseq.com
(408)-503-6899/(724)-740-9637
https://www.linkedin.com/in/mayuri-shende-80700b176/
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035