We're forward-thinking technology people with heart. We make our own rules, drive our own opportunities, and try to approach every challenge with fresh eyes.
Of course, we can't do it alone. We know when to ask for help, collaborate with others, and partner with smart people. We embrace diversity and openness because it's in our DNA.
We push limits and reward great ideas. What is your great idea?
"At NetApp, we fully embrace and advance a diverse, inclusive global workforce with a culture of belonging that leverages the backgrounds and perspectives of all employees, customers, partners, and communities to foster a higher performing organization." -George Kurian, CEO
CloudCheckr, part of Spot by NetApp, is a fast-paced, innovative cloud management software company that partners with some of the world's largest corporations and managed cloud services providers. We are looking for a high-energy, driven Security Risk and Compliance Analyst to join a rapidly growing industry leader in cloud management.
CloudCheckr team members are obsessed with our customers' success. We view the world from their perspective because, only then, can we empower and service them effectively.
Our Security and Risk Compliance Analyst will be responsible for performing activities to ensure compliance with standards, reduce overall company security risk and support customer compliance information needs.
Support the management of compliance frameworks (including FedRAMP, SOC 2)
Maintain Plan of Action and Milestones (POA&Ms) tracking for Federal compliance programs.
Maintain standard compliance documentation to support customer and compliance audits and assessments
Support the management of Third Party Security Risks
Help coordinate Incident Response and Business Continuity Plans and testing
Support Compliance Audits and Assessments
Support regular auditing and reporting on security programs such as Vulnerability Management and Access Audits
Maintain metrics reporting for performance against compliance and security objectives
Provide regular compliance reporting
Maintain compliance tracking system content in Governance, Risk and Compliance (GRC) tools.
Support maintenance of the company's standard Security Questionnaire
Support the completion of Security Questionnaires for select larger potential customers
Provide input to the product in development of its compliance capabilities
Engage with external auditors & customer visits for Information Security and Compliance assessments
Performs other related duties as required & assigned
Act as a professional of high ethical standards
Work diligently to complete duties keeping in mind the objectives of the business
Drive innovation, service our employees, & treat everyone fairly & respectfully
Enable & embrace change
Technical background - Understanding of network and system security technologies and practices. Cloud technologies preferred, especially AWS.
Information Security background - Understanding of information security risk and control concepts
Experience in NIST 800-53, SOC 2, FedRAMP or other compliance frameworks preferred.
Ability to communicate and interact with all levels of Management
Familiarity with Compliance as Code concepts preferred.
Ability to work with data-centric frameworks for documenting and assessing security controls, such as OSCAL, preferred.
Familiarity with Governance, Risk and Compliance (GRC) tools preferred.
Compliance Certifications such as CIPP/E, CIPP/US, CRISC, CRMA, GRCP preferred
Excellent interpersonal skills & an ability to build strong relationships
Highly motivated, collaborative & possessing an entrepreneurial mindset
Strong written & verbal communication skills
Flexible, agile & open minded with a positive attitude
Ability to work under pressure, multi-task & adhere to deadlines
Ability to work well under moderate supervision
Did you know
Statistics show women apply to jobs only when they're 100% qualified. But no one is 100% qualified.
We encourage you to shift the trend and apply anyway! We look forward to hearing from you.
In a world full of generalists, NetApp is a specialist. No one knows how to elevate the world's biggest clouds like NetApp.
We are data-driven and empowered to innovate. Trust, integrity, and teamwork all combine to make a difference for our customers, partners, and communities.
We expect a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to volunteer with their favorite organizations.
We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. We also offer financial savings programs to help you plan for your future.
If you run toward knowledge and problem-solving, join us.
Colorado Residents Only: If the Company determines this role will be performed in Colorado, the starting salary for this position is (.9 compa*). This role could be eligible for comprehensive benefits including: Medical, Dental, Vision, Life, 401(K), Paid Time off (PTO), Company bonus, Employee stock purchase plan, and restricted stocks (RSU's) *. Final compensation will be dependent on various factors such as location, qualifications, certifications, relevant work experience and other factors, consistent with applicable law.
In accordance with NetApp's Policy, all U.S. employees of NetApp must be fully vaccinated against COVID-19 if they work at a Company location or remotely. If there is a reason preventing you from receiving the COVID-19 vaccination, you must request and be approved for one of the legally acceptable exemptions and reasonable accommodation must be established.