Senior Security Compliance Analyst

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. The Role We are looking for a Senior Security Compliance Analyst that will be responsible for supporting an enterprise-wide security governance, compliance, and risk management program including the development and maintenance of key policies, controls framework, and security awareness. In this role, you will join the Global Information Security (GIS) team, and report to the Director of Governance, Risk and Compliance. You will partner with product, engineering, and operations teams to help define and implement light-weight processes that address SOC 2, FedRAMP, NIST CSF, and internal compliance requirements. You will support internal and external audits to ensure security and maintain external certifications. You will also collaborate with other teams to ensure we have a full lifecycle and end-to-end view of our compliance program in a fast-paced, dynamic environment. Your day-to-day

• Partner with product and operations teams in supporting company-wide audit activities
• Review business processes to identify and address potential risks
• Perform periodic security assessments to ensure compliance with information security policies and established security controls
• Interpret and translate audit controls and evidence criteria for internal product teams and other stakeholders, consulting external auditors
• Analyze and resolve audit findings in a proactive and timely fashion
• Build relationships across business functions, locations, and technical stakeholders to accomplish goals
• Utilize innovative ideas and tools to enhance operational effectiveness and reduce risk
• Evaluate and recommend improvements to business practices, processes, and controls

What you bring to the team

• Experience with translating compliance requirements into policies, procedures, and implementation plans
• Experience with security and compliance frameworks
• Experience supporting audits and with audit methodology
• Experience with the design and testing of IT security controls
• Passion about process improvement and removing friction from systems
• Familiarity with vulnerability management concepts, including how to read and interpret scan results
• Knowledge of IT practices including information security concepts and cloud infrastructure/services
• Knowledge of software development practices and cloud services, especially AWS
• Self-direction, analytical skills, and attention to detail with a passion to solve practical problems
• Ability to present ideas/solutions and communicate clearly, concisely, and accurately with others at all levels of the organization
• Experience implementing a GRC solution is desirable
• Experience in a managed hosting and/or Software-as-a-Service environment is desirable
• 5+ years of professional experience in a technology environment

#LI-KE1 #LI-Remote If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us! If you are a Colorado Resident: Proofpoint carefully considers a wide range of compensation factors, including your background and experience. These considerations can cause your compensation to vary. The hiring range for this position is typically: 103,670.00 - 148,100.00 USD Actual offer will be based on the individual candidate. Bonus, commission, and/or equity may be eligible for this position. Additional benefits for this position can be found at https://pfptbenefits.com. This statement is being provided in accordance with the Colorado Pay and Benefit Disclosure requirements of sb19-968.