What We Do:
We are providing solutions for one of the largest needs in the security space. Forescout is at the forefront of IoT Security. As the world is becoming more and more connected so is the need for Forescout's solutions. We are looking for individuals that want to be on the ground floor of building a product that addresses the world's most challenging security problems. Forescout Technologies is the leader in device visibility and control and we have pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today's vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments.
We're looking for an Information Risk Manager to join our security team at ForeScout! This is a ground-floor opportunity to define and create security and risk controls around cloud-based systems at ForeScout. As a member of the Information Security Team, you will help design and control the security environment around the next generation of ForeScout's multi-cloud architecture. Working from our San Jose office, you'll collaborate across global teams to establish security, compliance, and availability strategies to improve our products reliability and scalability. You'll be part of a team and have access to operational tools and security products that will be used by Forescout team members around the globe. In addition to improving ForeScout's services, this is also an opportunity to contribute to the overall culture and strategies around service operations and reliability here at ForeScout (incident response, post-mortems, trend analysis, availability standards, compliance controls, NIST and SOC controls). This is a high-visibility role that will greatly impact the quality of our services used by our customers.
What You Will Do:
Assess and implement controls for cloud computing services, cloud security controls, and identity and access management.
Create, implement, test, and remediate compliance controls for cloud architecture systems.
Manage yearly timetable for pen testing and vulnerability assessments.
Create patch/vulnerability management framework and compliance testing
Work with IT/OPS to ensure authorization/authentication structure meets security controls and compliance requirements
Ensure Security controls are injected into the Software Development Lifecycle.
Operationalize Security Metrics for reporting and compliance.
Automate security incident reporting and alerting systems
What You Bring to ForeScout:
Bachelor degree or equivalent work experience
7+ yrs InfoSec experience
4 yrs security and audit control experience and proficiency in AWS Cloud
CISSP, CCSP, AWS Cloud certifications, CISA, ISSAP, ISSEP, GIAC, or similar certifications
Extensive AWS cloud knowledge around security controls, logging, WAF, and threat management experience.
Experience in information security, IT audit or IT risk management related role
Must have experience with one or more of the following: conducting security control assessments, risk assessments or audits
Prefer experience with any of the following: PCI, Sarbanes Oxley (SOX), NIST cybersecurity framework, ISO 2700X security standards, and data protection regulations and requirements
What ForeScout Offers You:
Competitive compensation and Benefits
Collaborative and innovative environment make an impact on worldwide security while working on the hottest technology.
We work hardand we PLAY hard!