We're on a mission to transform global workplace communication, and we need your help. How do you prefer to
collaborate with your colleagues? By phone, video, instant message, or even text? Fuze is making it easy for businesses
to embrace the modern, mobile workforce. We offer a single cloud-based platform that includes these technologies and
more for simple, smart communication that works. Headquartered in Boston, MA with offices and customers worldwide,
we're growing at a lightning-fast speed to meet the demands of the evolving unified communications as a service
The Security Analyst reports to the Director of Information Security and is tasked to provide timely and quality service to
ensure that IT security, privacy and compliance risks are adequately identified, communicated, mitigated and/or tracked
for remediation. This position will support IT global risk and compliance projects, and contribute to the information
security compliance program.
- Assist with the planning, execution, gathering of evidence, and reporting for audits, attestations, and regulatory requirements across the globe. Work across teams to ensure processes and procedures are followed and align with audit requirements
- Perform security risk assessments according to the Fuze Security Risk Framework, as needed
- Triage and drive to closure in a timely manner security requests which are received on a regular basis
- Assist with vulnerability management activities and penetration testing of the Fuze platform
- Research and maintain a knowledge base regarding information security issues, solutions and potential implications.
- Work with teams at Fuze to ensure remediation of potential vulnerabilities. Perform ad hoc testing and investigations as needed to better the platform security posture
- Provide remediation recommendations and/or recommend alternate solutions to resolve exceptions to privacy and security standards, and document activities and exceptions in the risk management program
- Provide security governance and advisory services to business units and project teams while building and maintaining relationships
- Maintain a continuous process improvement work environment and metrics reporting process while executing security risk assessments in accordance with industry standards and best practices
- Communicate effectively orally and in writing and express conclusions and recommendations in a clear, technically sound manner, with teammates, management, and customers
- Minimum 5 years of hands-on technology risk, security and/or governance experience, or equivalent relevant experience.
- Bachelor degree in Information Systems or related field or an equivalent combination of education and experience
- Understanding of IT governance, information security policies, standards, industry best practices
- Understanding of security/risk frameworks (e.g., ISO 27K, NIST 800 series, COBIT, etc.), regulatory compliance (e.g., SOX,
- SOC 1/2/3, PCI, etc.) and privacy (EU Data Protection, Binding Corporate Rules, Privacy Shield, etc.) regulations from a global perspective.
- CISSP, CISA, CISM or equivalent designation preferred but not required.
- Understanding of IT infrastructure, network security, and/or working within IT security is a plus.
- Experience working within a Risk Management methodology a plus
- Experience working in a UCaaS, SaaS, or IaaS environment a plus
- Demonstrated excellent written and communication skills.
- Demonstrated organizational skills with respect to time management and work production.
- Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities. Must be a team player who shows respect for others.
- Location is flexible. Preferably Ottawa, Canada or Boston, MA, but remote individuals will be considered