CLICK HERE TO SUBMIT YOUR APPLICATION
What is primary need, challenge, and/or problem you will be responsible for?
The Compliance Analyst will support the Information Security organization in ensuring compliance requirements are met and to address cyber security risk across the organization.
In this role, you will assist with the overall execution of compliance programs aimed at achieving and maintaining industry accreditations and certifications such as FedRAMP, SOC 2, PCI, HIPAA, and GDPR; and provide subject-matter expertise on FedRAMP requirements and ensure FedRAMP requirements are met and collect FedRAMP evidence and artifacts to present to auditors.
You will independently perform risk-based security reviews of Dizzion’s internal systems, applications, and third-party integrations, formulate and drive GRC roadmap, security policies, vendor security reviews and security training, and monitor and improve development, implementation, and maintenance of global security policy, enterprise security standards, guidelines, and procedures.
You’ll work cross-functional teams to assess infrastructure, business continuity risks, and recommend remediation plans to protect confidentiality, integrity, and availability of critical enterprise assets.
Additionally, you will prioritize identified risks in accordance with corporate security policies and pragmatic threats and translate them into executable cross functional projects.
The Compliance Analyst will work with external auditors to achieve security compliance certifications and reports. Also, regularly report on status, operational metrics and KPI’s, providing transparency to company Leadership and internal stakeholder teams.
You will define and assess the capabilities, maturities, and effectiveness of cybersecurity implementations. As well as lead and influence ongoing risk analysis efforts, focused on prioritizing resources and investments based on risk exposure.
What Other Skills Give Me an Advantage?
- Knowledge of compliance and security frameworks such as FedRAMP, SOC 2, NIST, PCI etc.
- Experience with risk assessment, benchmarks, and maturity models
- 2+ years of experience managing security initiatives and personnel
- 2+ years of experience in enterprise security handling infrastructure and application security engineering
- Must be able to work in a FedRAMP moderate environment
- Solid execution track record in security projects with demonstrated risk reduction ROI
- Experience maintaining and securing cloud, data center, and corporate environments
- Demonstrated ability to stay up to speed on evolving threat surfaces and shaping/influencing information security portfolio accordingly
- Proficient in Windows and Linux operating systems
- Subject-matter expert on security issues and technologies
- Experience working across a technology stack on difficult security challenges and initiatives
Preferred Skills:
- Experience with FedRAMP certification and operations
- Experience in either AWS, GCP, or other large cloud platforms
- VMware Certified Professional (VCP)
- Experience in project or program management. PMP or other management certification desired
- Knowledge of compliance and security frameworks such as FedRAMP, SOC 2, NIST, PCI etc.
- Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
- Experience using Cloud Security Posture Management and Cloud Workload Protection Platforms
- Experience operating in PCI, HIPAA, and GDPR environments
- Experience with automating manual security processes
- Security Certifications such as (Cloud, CISSP, CISA, SANS)
What is the leadership like for this role? What is the structure and culture of the team like?
The hiring manager for this role is Eric Zielinski, Vice President and Chief Information Security Officer. With over 20 years of Cyber Security industry insight, Eric has garnered a reputation as an industry leader with a passion for innovation and an ability to align key cyber initiatives with corporate objectives.
We hire people from various backgrounds. It’s not the language but the tenacity that matters to us. We love to solve business problems.
Benefits
- Comprehensive medical (including telehealth), dental and vision plans to fit your needs
- Employee assistance program
- Employer paid basic life insurance and AD&D
- 401(k) retirement plan
- Self-Managed Paid Time Off, work hard and take time when you need it
- Generous holiday schedule
- Voluntary short and long term disability
- We set you up for success, equipping you with the latest and greatest hardware
- Awesome co-workers!
Compensation
- $70,000 – $85,000 annually (Salary to be determined by the education, experience, knowledge, skills and abilities of the applicant, and alignment of market data.)
- Quarterly bonus program
Company Overview
Dizzion, Inc. is a leading provider of high-performance managed Desktop as a Service (DaaS) to the global remote workforce. Founded in 2011, Dizzion’s proven end-user cloud platform enables maximum work from home success while protecting business process outsourcers (BPO), enterprise contact centers, healthcare, financial services, and insurance companies with real HIPAA, PCI-DSS and SOC 2 Type II compliance. Customers further digital transformation with AnyCloud global delivery, seamless hybrid IT integration, zLink secure endpoints, and COSMOS orchestration and analytics. Visit dizzion.com for more information. Dizzion | Work from Home. Business as Usual.
In recruiting for our team, we welcome the unique contributions that all potential candidates can bring in terms of their education, opinions, culture, ethnicity, race, gender identity and expression, nationality, age, languages spoken, veteran’s status, religion, disability, sexual orientation and beliefs.
And if this role is exciting you, we encourage you to apply even if you don’t meet all 100% of the description or qualifications. Finally, and most importantly, we are a proud Equal Opportunity Employer. This position is full-time FLSA exempt.