At Xilinx, we are leading the industry transformation to build an adaptable, intelligent world. ARE YOU bold, collaborative, and creative? At Xilinx, we hire and develop leaders and innovators who want to revolutionize the world of technology. We believe that by embracing diverse ideas, pushing boundaries, and working together as ONEXILINX, anything is possible.
Our culture of innovation began with the invention of the Field Programmable Gate Array (FPGA), and with the 2018 introduction of our Adaptive Compute Acceleration Platform (ACAP), has made a quantum leap in capability, solidifying our role as the adaptable platform supplier of choice. From the start, we have always believed in providing inventors with products and platforms that are infinitely adaptable. From self-driving cars, to world-record genome processing, to AI and big data, to the world's first 5G networks, we empower the world's builders and visionaries whose ideas solve every day problems and enhance people's lives.
If you are PASSIONATE, ADAPTABLE, and INNOVATIVE, Xilinx is the right place for you! At Xilinx we care deeply about creating meaningful development experiences while building a strong sense of belonging and connection. We foster an environment of empowered learning, wellness, community engagement, and recognition, so you can focus on work that matters - world class technology that improves the way we live and work. We are ONEXILINX.
The Information Security Analyst will focus on areas that include Security Awareness, Cloud Vendor Security Assessments & Project Management.
The role will have overall responsible for our security awareness and education program. Ultimately this person's job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security requirements and behave in a secure manner.
The preferred candidate will also be a member of our Cloud Vendors Governance team for security assessments.
The chosen candidate should be comfortable managing small to medium size security projects.
Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.
Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them.
Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization.
Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using.
Structure and maintain this program to be long term, so ultimately we are not changing just behaviors but culture.
Create a metrics framework that can effectively measure these requirements.
Key Security awareness deliverables will include:
Help define and deliver the security awareness program objectives, strategies, and tactics
Design, build, and run security awareness initiatives that educate and engage Xilinx employees and contractors regarding information security risks and best practices
Develop and roll out annual security training
Establish and report relevant metrics and KPIs to communicate status and demonstrate progress of program performance
Evidence collection for compliance-related audits
Cloud Governance Team
The preferred candidate will also be a member of our Cloud Governance Team and take responsibility for assessing the security posture of current and planned Cloud Vendor companies, based on requirements and benchmarks set forth by the Cloud Security Alliance.
The candidate will coordinate security assessments in conjunction with our Compliance function and engage extended Information Security Team members as necessary.
The chosen candidate should be very comfortable managing small to medium size security projects, utilizing best-in-class, well established and rigorous program lifecycle methods at Xilinx.
5 years solid experience in various information security roles, including security awareness.
Undergraduate degree in computer sciences or equivalent.
Security certifications such as CISSP or equivalent.
Ability to form complex 'communications / messages' in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages.
Project management experience, the ability to plan, manage and maintain a complex, organization wide program over the longer term.
Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the 'human factors' risk.
Ability to communicate with and coordinate the activities of others.
Understanding of the concepts of information risks and the different elements that make up risk. In addition have at a minimum a basic understanding of the different concepts of information security.
Experience developing security awareness training, programs and campaigns.
Knowledge of CIS Top 20 Critical Security Controls.
Knowledge of common vulnerabilities and threats.
Stellar writing and presentation skills.
Stakeholder and vendor management.