Security Risk And Compliance Analyst

NetApp, Waltham, MA 02154

Posted 2 months ago

About NetApp

We're forward-thinking technology people with heart. We make our own rules, drive our own opportunities, and try to approach every challenge with fresh eyes.

Of course, we can't do it alone. We know when to ask for help, collaborate with others, and partner with smart people. We embrace diversity and openness because it's in our DNA.

We push limits and reward great ideas. What is your great idea?

"At NetApp, we fully embrace and advance a diverse, inclusive global workforce with a culture of belonging that leverages the backgrounds and perspectives of all employees, customers, partners, and communities to foster a higher performing organization." -George Kurian, CEO

CloudCheckr, part of Spot by NetApp, is a fast-paced, innovative cloud management software company that partners with some of the world's largest corporations and managed cloud services providers. We are looking for a high-energy, driven Security Risk and Compliance Analyst to join a rapidly growing industry leader in cloud management.

CloudCheckr team members are obsessed with our customers' success. We view the world from their perspective because only then can we empower and service them effectively.

Job Summary:
Our Security Risk and Compliance Analyst will be responsible for performing activities to ensure compliance with standards, reduce overall company security risk, and support customer compliance information needs.

Job Duties:

Support the management of compliance frameworks (including FedRAMP, SOC 2)

Maintain Plan of Action and Milestones (POA&Ms) tracking for Federal compliance programs.

Maintain standard compliance documentation to support customer and compliance audits and assessments

Support the management of Third Party Security Risks

Help coordinate Incident Response and Business Continuity Plans and testing

Support Compliance Audits and Assessments

Support regular auditing and reporting on security programs such as Vulnerability Management and Access Audits

Maintain metrics reporting for performance against compliance and security objectives

Provide regular compliance reporting

Maintain compliance tracking system content in Governance, Risk and Compliance (GRC) tools.

Support maintenance of the company's standard Security Questionnaire

Support the completion of Security Questionnaires for select larger potential customers

Provide input to the product in development of its compliance capabilities

Engage with external auditors & customer visits for Information Security and Compliance assessments

Perform other related duties as required & assigned


Act as a professional of high ethical standards

Work diligently to complete duties keeping in mind the objectives of the business

Drive innovation, service our employees, & treat everyone fairly & respectfully

Enable & embrace change


Technical background - Understanding of network and system security technologies and practices. Cloud technologies preferred, especially AWS.

Information Security background - Understanding of information security risk and control concepts

Experience in NIST 800-53, SOC 2, FedRAMP or other compliance frameworks preferred.

Ability to communicate and interact with all levels of Management

Familiarity with Compliance as Code concepts preferred.

Ability to work with data-centric frameworks for documenting and assessing security controls, such as OSCAL, preferred.

Familiarity with Governance, Risk and Compliance (GRC) tools preferred.

Compliance Certifications such as CIPP/E, CIPP/US, CRISC, CRMA, GRCP preferred

Excellent interpersonal skills & an ability to build strong relationships

Highly motivated, collaborative & possessing an entrepreneurial mindset

Strong written & verbal communication skills

Flexible, agile & open minded with a positive attitude

Ability to work under pressure, multi-task & adhere to deadlines

Ability to work well under moderate supervision

Did you know?

Statistics show women apply to jobs only when they're 100% qualified. But no one is 100% qualified.

We encourage you to shift the trend and apply anyway! We look forward to hearing from you.

Why NetApp?

In a world full of generalists, NetApp is a specialist. No one knows how to elevate the world's biggest clouds like NetApp.

We are data-driven and empowered to innovate. Trust, integrity, and teamwork all combine to make a difference for our customers, partners, and communities.

We expect a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to volunteer with their favorite organizations.

We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. We also offer financial savings programs to help you plan for your future.

If you run toward knowledge and problem-solving, join us.

Colorado Residents Only: If the Company determines this role will be performed in Colorado, the starting salary for this position is (.9 compa*). This role could be eligible for comprehensive benefits including: Medical, Dental, Vision, Life, 401(K), Paid Time off (PTO), Company bonus, Employee stock purchase plan, and restricted stocks (RSU's) *. Final compensation will be dependent on various factors such as location, qualifications, certifications, relevant work experience and other factors, consistent with applicable law.

In accordance with NetApp's Policy, all U.S. employees of NetApp must be fully vaccinated against COVID-19 if they work at a Company location or remotely. If there is a reason preventing you from receiving the COVID-19 vaccination, you must request and be approved for one of the legally acceptable exemptions and reasonable accommodation must be established.
