Security Compliance Analyst
Location: Santa Clara
Posted on: June 8, 2021
We have an exciting opportunity for a Security Compliance
Analyst to join the Gigamon IT Security team.
The ideal team member will assist with and participate in the
planning, design, implementation, operation, and maintenance of IT
Governance, Risk & Compliance (GRC) efforts intended to support
Business and IT Risk Management and Assurance goals and objectives.
Primary functions include: the collection of appropriate and
relevant data for the monitoring and analysis of specific IT
control activities, liaising with and providing consultative
support to IT control owners and performers, generation of reports
for analysis, assessment and presentation to IT and business
management, recommendations on and tracking of control remediation,
and coordination of efforts with internal and external
- Analyze and recommend operational and business workflow changes
to management in order to strengthen the control
- Participates in IT GRC team efforts to plan, design, implement
and maintain IT Governance, Risk & Compliance initiatives and their
- Scoping of relevant business entities, systems, &
- Identification of and coordination with Risk & Control Owners
on all relevant requirements
- Consultation and assistance to Risk & Control Owners in the
planning, design, implementation, operation, maintenance &
remediation of control activities and other supporting requirements
(e.g. policies, standards, processes, system configurations, etc.)
- Development of appropriate technical job aids and automation
(e.g. scripts, queries, dashboards, etc.) in support of control
performance, monitoring and assessment.
- Alignment and coordination with Financial Controls, Internal
Audit teams as appropriate
- Coordination with and support of External Audit partners in the
planning, execution of, and reporting on annual external testing of
Internal (IT General) Controls.
- Coordination, tracking and reporting of remediation plans and
progress for all identified IT Control deficiencies
- Enables the performance of specific IT control activities in
support of business objectives.
- Collection and distribution of appropriate and relevant data in
a timely fashion for the performance of access reviews and other
identified control activities
- Identification and communication of deficiencies and other
items of concern to appropriate parties during the performance of
control activities for timely correction and/or remediation as
- Maintenance and archiving of all relevant data and supporting
documentation as evidence of the performance of control
- Perform duties as requested by Management, in addition to the
essential job functions described above.
Skills and expertise:
- A minimum of four (4) years' experience in Information Security
- Bachelor's or Associate Degree in Information Security,
Information Technology or Information Technology Management.
- Prefer candidate with critical technical and
leadership-oriented IT security certifications, such as CISSP,
CISM, or equivalent.
- Proven experience in planning, organizing, and developing IT
security teams and strategy, whether staff or third parties
- Substantial exposure to data processing, hardware platforms,
enterprise software applications and outsourced systems, with
preference in Microsoft Technologies.
- Expertise in leverage of cloud-based solutions necessary to
enable the distributed enterprise.
- Good understanding of computer systems characteristics,
features and integration capabilities
- Proven leadership ability: ability to instill confidence in the
business and demonstrate the business value of IT
- Exceptional leadership skills with the ability to develop and
communicate an enterprise security vision that inspires and
motivates staff and aligns to the IT and business strategy
- Effective influencing and negotiation skills in an environment
where resources may not be in direct control of this role
- Excellent analytical, strategic conceptual thinking, strategic
planning and execution skills
- Strong business acumen, including industry, domain-specific
knowledge of the enterprise and its business units
- Success in leveraging both traditional best practices, such as
IT service management practices based on ITIL, as well as emerging
methods like DEV/SEC/OPS that are optimized for agility
- Demonstrated ability to develop and execute a strategic people
plan that ensures that the right people are in the right roles at
the right time and that employees are highly engaged and
- Strong vendor management and partner relationship skills
- Excellent verbal and written communication skills, including
the ability to explain technical concepts and technologies to
business leaders, and business concepts to the security
- Ability to motivate as a servant leader in a team-oriented,
Keywords: Gigamon, Santa Clara , Security Compliance Analyst, Other , Santa Clara, California
Didn't find what you're looking for? Search again!