Senior Security Compliance Analyst
The Cisco Security Business Group (SBG) focuses on empowering the world to reach its full potential, securely through the Cisco Secure products. Within the SBG Security team, we support this mission by building thoughtful partnerships with our internal stakeholders to drive security strategy alignment across the SBG portfolio to deliver simple, effective security solutions for our internal customers that meet both market and industry expectations.
Our team’s mission is to become our internal customers’ most trusted partners by building best-in-class security programs that shape the market with our research, make it easy for our customer teams within Cisco to develop secure software, protect our most valuable information and customer assets, and enable SBG employees to work securely as they deliver Cisco Secure products including Duo, Umbrella, SecureX, Talos, Amp for Endpoints, StealthWatch, Tetration, and beyond.
#WeAreCisco, where each person is unique and our team is our secret weapon. We run the spectrum from artists to analysts, low-key to high energy, and bring together a diversity of skill sets, experiences, and perspectives to solve the complex problems that come with securing a growing business. Together we build solutions that are easy, effective, trustworthy, and enduring.
We are looking for a Senior Security Compliance Analyst to be responsible for the execution and management of security compliance certification programs across the company that include SOC2, PCI, and ISO 27001, 27017, 27018. This role will be focused on evaluating security controls, acting as a subject matter expert, and supporting audits for certification programs.
What You Will Do:
Responsible for execution and management of security compliance certification programs across that company.
Evaluate security controls, supporting audits, and acting as a compliance subject matter expert.
Maintain monitoring of security controls and operating procedures in cooperation with internal teams.
Manage compliance controls lifecycle including design, testing, ongoing monitoring, mapping to risks, policies and procedures.
Effectively communicate with management on decisions that impact multiple programs and teams.
Partner with external partners to ensure compliance program activities are managed appropriately and organized in a manner that promotes alignment.
Skills You Have:
Experience leading security compliance activities, including SOC2, PCI, and ISO 27001, 27017, 27018.
Experience in leading programs for SaaS security compliance frameworks.
Experience in building productive relationships with both technical and non-technical teams.
Experience in risk management, controls assessment, and management of areas of GRC.
The ability to identify dependencies between complex projects and determine potential impact.
The ability to drive collaboration and influence multiple teams, both technical and non-technical.
3 reasons to apply:
You’re a skilled team lead looking for new growth opportunities.
You are passionate about how compliance enhances security operations and provides trust to customers.
You love driving process improvements for a fast growing security company and partnering with teams to implement improvements.
3 reasons to not apply:
If you need a lot of well-established policies and procedures before you can make decisions and drive results, this might not be the best role for you.
If you are looking for a check-the-box driven security compliance program.
If you do not think partnership drives security results at a company.
Our team is committed to cultivating and preserving a culture of inclusion and connectedness. We are able to grow and learn better together with a diverse team of employees. The collective sum of the individual differences, life experiences, knowledge, innovation, self-expression, and talent that our employees invest in their work represents not only part of our culture, but our reputation and Cisco’s achievement as well. In recruiting for our team, we welcome the unique contributions that all potential candidates can bring in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veteran’s status, religion, disability, sexual orientation and beliefs.
And if this role is exciting to you, we encourage you to apply even if you don’t meet all 100% of the description or qualifications. Finally and most importantly, we are a proud Equal Opportunity Employer.