Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Security Analyst Soc2

Expired Job

Infoobjects Inc Redwood City , CA 94063

Posted 2 months ago

Security Analyst SOC2
Location: Redwood City, CA
Duration: 8 Months Contract

Notes :

Audit certifications base level knowledge

Not open to remote need to be able to audit and maintain (physical presence onsite)

Experience doing and participating in SOC2 audits

Providing evidence

Knowing what effective controls are

FedRamp strong plus

The Security Compliance team has the task of ensuring customers and patients can use the FFRct Platform with confidence their data and information will always be safe and secure.

As a Security Compliance expert for, you assure our systems meet the highest security standards and conform to applicable security and government regulations so patient information remains safe and secure.


Audits security strategies, processes, and best practices for compliance with security regulations and frameworks, specifically HIPAA and HITRUST CSF.

Maintains audit records and tracks security metrics for continuous reporting and monitoring requirements Participate in monthly, quarterly, and annual audit programs to assert confidence over internal controls and driving IT solutions

Consult with IT peers and leadership to improve control efficiencies and operating effectiveness Driving remediation efforts and work with company stakeholders

Partner with staff from Finance, HR, Legal, and Sales (among others) to obtain and review evidence of compliance

Evangelize business owners to do the right thing using diplomacy and tact in all interactions

Track and report findings and work with teams to remediate and mitigate risks

Plan and perform internal audits to assess control design and effectiveness

Consult and assist audit efforts with key control owners including Finance, HR, Legal, and Sales Administer or assist in all security services and projects and act as SecurityCompliance point of contact for all Departments

Assists in the administration of the Security Information Response Plan and subsequent mitigation efforts

Promotes and supports company policies, procedures, mission, values, and standards of ethics and integrity
Skills Needed:

Foundational knowledge of Agile Software Development Lifecycle, security engineering, computer and network security, authentication, and security controls, especially as they pertain to Amazon Web Services.

Ability to work independently while supporting a highly diverse global organization

Ability to easily translate technology requirements into business-friendly discussions CISSP, CISA, CGEIT, CIPT CISA, ISO 27001

Lead Implementer or audit/compliance certifications a plus Bachelor's Degree in Computer Science, Life Sciences, or related field and 1 year experience building medical, healthcare, or Life Sciences products or services.
Educational Requirements & Work Experience:

Certification as a HITRUST Certified CSF Practitioner (CCSFP) or experience in a completed HITRUST CSF certification audit

2 years of experience with Security compliance, preferably as an active Internal Security Assessor (ISA) or Qualified Security Assessor (QSA)

3 years of general auditing experience in the Medical Device, Healthcare, or Lifesciences industries (experience in a similar highly regulated industry may be considered).

Experience in performing information security risks assessments, specifically HSRAs or HITRUST CSF. ISO 27001 or FISMA/FedRamp experience desired but not necessary.

Experience tracking and creating metrics from Enterprise security tools

Solid understanding of Information Security Standards and security frameworks such as HITRUST, ISO 27001, NIST 800-37, or FISMA/FedRAMP.

security, SOC2, FedRamp
8+ Months

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior IT Security Analyst


Posted 1 week ago

VIEW JOBS 11/1/2018 12:00:00 AM 2019-01-30T00:00 Senior IT Security Analyst We are seeking a Senior Security Analyst who will conduct business and infrastructure security compliance reviews, security risk assessments, and operational maintenance for existing security programs. Provide functional leadership to Cyber Security Operations Center (CSOC) team to ensure the confidentiality, integrity and availability of corporate information resources. As well as work closely with various internal stakeholders to provide security guidance and improve the overall security posture to meet the expanding and changing business needs of the organization Responsibilities * Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services * Managing, administering and reviewing existing security products including WAF, IPS, IDS, EDR, and other endpoint security solutions. * Assist with the maintenance of security policies and procedures, training and awareness across the organization * Experienced in performing security business application and infrastructure compliance reviews, risk analysis, forensics and penetration testing. * Leads Incident Response activities including lessons learned while advising on the implementation of revised or new security controls that may be needed from the Incident Response. * Perform security risk assessment and architecture reviews to assess technical and business risk and recommend ways to update and improve the security posture.. * Monitors and maintains knowledge on new security trends and technologies to better position detective and preventive controls to maintain compliance and minimize risks associated with security breaches. * Mentor and train team members and peers on cyber security solutions and actively participate on system and application improvement project teams. * Lead and develop plans to safeguard computer configurations against accidental or unauthorized modification, destruction or disclosure and to meet data processing requirements. And ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance. Requirements: * 5+ years of experience in Information Security and Cyber Defense * 2+ years in securing Cloud Security platforms such as AWS, Microsoft and Google Cloud Solutions or SecOps environment * CISSP and or GIAC certifications * Detailed technical knowledge in security engineering, system and network security, authentication and security protocols, security vulnerabilities and remediation techniques * Extensive experience with debugging, troubleshooting, forensics, and security utilities. * Demonstrated experience in leading/mentoring team members and providing technical guidance to customers and stakeholders. * Excellent communication skills and the ability to explain complex technical ideas to non-technical audience and work with individuals at all levels. * Able to translate security policies and procedures into actionable SIEM correlation searches, alerts, dashboards and reports. * Experience leading and working a cyber breach and breach investigation * Confident ability to recognize security events of interest that may require improved detection/alerting capabilities. * Extensive experience with Windows, Linux Servers and Mac Os * In-depth knowledge of authentication protocols, encryption and other fundamental security technologies. * Familiar with emerging technologies in the security monitoring, event correlation and alert/detection space * Strong knowledge and understanding of industry standard information security practices. Our Company: Imperva® (NASDAQ: IMPV), is a leading provider of cyber security solutions that protect business-critical data and applications. The company's SecureSphere™ and Incapsula™ product lines enable organizations to discover assets and vulnerabilities, protect information wherever it lives – on-premises and in the cloud – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world's leading experts in data and application security, continually enhance Imperva products with up-to-the-minute threat intelligence, and publish reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California. To learn more visit,, our blog, on Twitter Legal Notice: Imperva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, ancestry, pregnancy, age, sexual orientation, gender identity, marital status, protected veteran status, medical condition or disability, or any other characteristic protected by law. #LI-AC1 Imperva Redwood City CA

Security Analyst Soc2

Expired Job

Infoobjects Inc