Information Security Analyst

Xilinx, Inc. San Jose , CA 95111

Posted 3 months ago

At Xilinx, we are leading the industry transformation to build an adaptable, intelligent world. ARE YOU bold, collaborative, and creative? At Xilinx, we hire and develop leaders and innovators who want to revolutionize the world of technology. We believe that by embracing diverse ideas, pushing boundaries, and working together as ONEXILINX, anything is possible.

Our culture of innovation began with the invention of the Field Programmable Gate Array (FPGA), and with the 2018 introduction of our Adaptive Compute Acceleration Platform (ACAP), has made a quantum leap in capability, solidifying our role as the adaptable platform supplier of choice. From the start, we have always believed in providing inventors with products and platforms that are infinitely adaptable. From self-driving cars, to world-record genome processing, to AI and big data, to the world's first 5G networks, we empower the world's builders and visionaries whose ideas solve every day problems and enhance people's lives.

If you are PASSIONATE, ADAPTABLE, and INNOVATIVE, Xilinx is the right place for you! At Xilinx we care deeply about creating meaningful development experiences while building a strong sense of belonging and connection. We foster an environment of empowered learning, wellness, community engagement, and recognition, so you can focus on work that matters - world class technology that improves the way we live and work. We are ONEXILINX.

The Information Security Analyst will focus on areas that include Security Awareness, Cloud Vendor Security Assessments & Project Management.

The role will have overall responsible for our security awareness and education program. Ultimately this person's job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security requirements and behave in a secure manner.

The preferred candidate will also be a member of our Cloud Vendors Governance team for security assessments.

The chosen candidate should be comfortable managing small to medium size security projects.


Security Awareness Program

Responsibilities:
  • Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.

  • Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them.

  • Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization.

  • Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using.

  • Structure and maintain this program to be long term, so ultimately we are not changing just behaviors but culture.

  • Create a metrics framework that can effectively measure these requirements.

Key Security awareness deliverables will include:

  • Help define and deliver the security awareness program objectives, strategies, and tactics

  • Design, build, and run security awareness initiatives that educate and engage Xilinx employees and contractors regarding information security risks and best practices

  • Develop and roll out annual security training

  • Establish and report relevant metrics and KPIs to communicate status and demonstrate progress of program performance

  • Evidence collection for compliance-related audits

Cloud Governance Team

The preferred candidate will also be a member of our Cloud Governance Team and take responsibility for assessing the security posture of current and planned Cloud Vendor companies, based on requirements and benchmarks set forth by the Cloud Security Alliance.

The candidate will coordinate security assessments in conjunction with our Compliance function and engage extended Information Security Team members as necessary.

Project Management

The chosen candidate should be very comfortable managing small to medium size security projects, utilizing best-in-class, well established and rigorous program lifecycle methods at Xilinx.

Qualifications:

  • 5 years solid experience in various information security roles, including security awareness.

  • Undergraduate degree in computer sciences or equivalent.

  • Security certifications such as CISSP or equivalent.

  • Ability to form complex 'communications / messages' in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages.

  • Project management experience, the ability to plan, manage and maintain a complex, organization wide program over the longer term.

  • Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the 'human factors' risk.

  • Ability to communicate with and coordinate the activities of others.

  • Understanding of the concepts of information risks and the different elements that make up risk. In addition have at a minimum a basic understanding of the different concepts of information security.

  • Experience developing security awareness training, programs and campaigns.

  • Knowledge of CIS Top 20 Critical Security Controls.

  • Knowledge of common vulnerabilities and threats.

  • Stellar writing and presentation skills.

  • Stakeholder and vendor management.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Analyst

Fenwick & West LLP

Posted 2 months ago

VIEW JOBS 10/10/2019 12:00:00 AM 2020-01-08T00:00 Job Description Summary: Our IT Department has an opening for an Information Security Analyst who will be primarily responsible for day-to-day security threat monitoring and analysis from client security to enterprise servers, operating systems, applications and infrastructure devices. The Information Security Analyst will also work with IT Security management on developing, implementing and managing security controls and defenses related to the execution for the Information Security Program, including Intrusion Detection, Log Monitoring, Vulnerability Assessment, and Information Security Process & Reporting. This position can be based in our San Jose (preferred) or Foster City office. Job Description: * Manage and support the log collection, security scanning, intrusion detection, content filtering and other security-related systems. * Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate. * Active member of the Computer Security Incident Response Team (CSIRT) responding to reported incidents according to the Incident Response Plan. * Provide support for the log management and Security Information and Event Monitoring (SIEM) solutions. * Review and triage experience with endpoint detection and response tools. * Provide technical leadership for the vulnerability management program, advanced security monitoring, providing proactive detection and prevention. * Ensure authorized access by investigating improper access; revoking access; reporting violations; monitors information requests; recommend improvements. * Actively participate in the maintenance and development of the Information Security Management System (ISMS). * Participate in security and change management meetings. * Provides installation, maintenance, upgrades and troubleshooting of security applications, appliances across all functional departments. Desired Skills and Qualifications: * Strong knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape. * Ability to research, develop and keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threats and attack vectors. * Ability to take on additional tasks as defined by the Information Security Management Team, including participating in the on-call rotation. * Strong knowledge of Incident Analysis and Response concepts and techniques, including incident tracking process, root cause, lessons learned and process improvements. * Deep understanding of network devices and architecture, TCP/IP, network protocols, server operating systems, and vulnerability scanning. * Strong understanding of internal control concepts and policies with focus on improving process/procedure manuals and documentation. * Strong knowledge of cybersecurity frameworks (such as ISO 27001, NIST CSF, CIS, etc.) * Knowledge of Windows, Linux/Unix, VMware, IDS/IP, forensic discovery. * Knowledge in security awareness training. * Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community. * May perform other duties as assigned including work in other areas to cover absences or relief to equalize peak work periods or otherwise balance the workload. Reporting to the Chief Security Officer, the ideal candidate will have a minimum of 4 years of security analyst experience within a complex operational and development environment. Bachelor's degree in Information Assurance, Information Security, Computer Science, related field and/or equivalent experience. Certifications such as CISSP, CISM, GCIH, GCIA, GPEN not required but preferred. Fenwick & West LLP San Jose CA

Information Security Analyst

Xilinx, Inc.