Technical Compliance Analyst Remote (US) ID-12495
<p><strong>What you can expect:</strong></p>
<p>In this role, youll have the opportunity to work on compelling and high-impact projects that maintain Zoom for Government compliance with DoD and FedRAMP guidelines. As a valued team member, youll collaborate with talented professionals while contributing to Zooms success in government sectors. We encourage you to share your innovative ideas, think outside the box, and create meaningful impact within the organization.</p>
<p> </p>
<p><strong>About the Team:</strong></p>
<p>You will join a dynamic team dedicated to managing vulnerability and compliance for Zoom for Government. Our team fosters collaboration, creativity, and transparent communication, ensuring every member can contribute meaningfully to our collective success. We embrace innovation and agile execution while supporting one another in achieving both personal and team objectives. Here, youll discover an inclusive and engaging environment where every team member is valued and empowered to maximize their potential.</p>
<p> </p>
<p><strong>Responsibilities:</strong></p>
<p>• Validate and drive vulnerability remediation for discovered vulnerabilities.</p>
<p>• Build the bridges between security and compliance by working directly with operations</p>
<p>teams, infrastructure teams, security teams, related Zoom teams, and Government</p>
<p>authorizing officials.</p>
<p>• Interact with senior levels of government agencies.</p>
<p>• Conduct security assessments, significant change requests, and attestations.</p>
<p>• Work as an internal auditor for the organization’s infrastructure and services.</p>
<p>• Develop technical knowledge of control implementation.</p>
<p>• Improve documentation, track progress, coordinate improvement efforts, and monitor</p>
<p>process improvement effectiveness.</p>
<p>• Communicate requirements effectively to internal and external stakeholders.</p>
<p>• Serve as a liaison between agencies/auditors and internal teams regarding compliance</p>
<p>issues and solutions.</p>
<p>• Support the Security Operations team in resolving audit and vulnerability findings.</p>
<p>• Meet regularly with technical teams to follow up on patching cadence.</p>
<p>• Implement automated monitoring and alerting on continuous compliance tasks.• Report continuous monitoring documentation to associated organizations (FedRAMP,</p>
<p>StateRAMP, DISA) on a monthly basis.</p>
<p>• Effectively recognize and mitigate threats by performing relevant research and data</p>
<p>analysis.</p>
<p>• Report security incidents.</p>
<p>• Perform other duties as needed.</p>
<p> </p>
<p><strong>Requirements:</strong></p>
<p>• B.S or M.S in Computer Science, Cybersecurity, Information Security, or related field, or</p>
<p>equivalent relevant experience.</p>
<p>• Knowledge or experience with vulnerability scanners such as Tenable, Prisma, Burp</p>
<p>Suite, etc.</p>
<p>• Experience with security compliance frameworks such as FedRAMP, NIST/DoD RMF, and</p>
<p>NIST SP 800-series publications.</p>
<p>• Experience working with testing tools such as Nessus, DISA STIGs / STIG Viewer, etc.</p>
<p>• Knowledge of desktop, server, mobile operating systems, and cloud computing providers.</p>
<p>• Ability to plan, organize, prioritize, work independently, and meet deadlines.</p>
<p>• Must be a U.S. citizen or green card holder.</p>
<p> </p>
<p><strong>Pluses:</strong></p>
<p>• Engineering background (such as Electrical Engineering, Software Engineering, Systems</p>
<p>Engineering) is highly desirable. Experience in designing or optimizing technical systems</p>
<p>is a strong advantage in driving compliance and security integration efforts.</p>
<p>• Deep understanding of OWASP Top 10, specifically A06:2021 Vulnerable and Outdated</p>
<p>Components.</p>
<p>• CISSP/CISM/CEH certifications.</p>
<p>• Experience with container management tools such as Docker, Amazon ECS, Kubernetes,</p>
<p>or equivalent implementations.</p>
<p>• Knowledge of multiple cloud computing providers such as AWS, OCI, etc.</p>
<p>• Experience working in the public sector or with government clients.</p>
<p>• Active Security Clearance.</p>
