About ThousandEyes

ThousandEyes empowers enterprises to see, understand and improve digital experiences for their customers and employees. The ThousandEyes cloud platform offers unmatched vantage points throughout the global Internet and cloud providers, delivering immediate visibility into the digital experience for every user, application, website or service, over any network. ThousandEyes is central to the global operations of the world's largest and fastest growing brands, including Comcast, eBay, HP, 120+ of the Global 2000, 65+ of the Fortune 500, 6 of the 7 top US banks, and 20 of the 25 top SaaS companies.

About the Role

We're looking for a passionate Senior Information Security Analyst that can support ThousandEyes information security and privacy compliance initiatives, drive continuous improvement of our control environment and internal processes, and ensure that products and services meet and exceed ongoing industry standards.  You will work cross-organizationally to ensure the success of the information security risk management program. We are looking for a San Francisco based information security analyst that will be aggressive in following up on tasks, achieving deadlines, and holding resource owners accountable to risk remediation plans.

Responsibilities:

  • Perform risk assessments to determine if new projects and deployments are aligned with regulatory requirements, industry standards, and best practices and to ThousandEyes’ information security and privacy policy
  • On-going project/program management of information security risk management activities (including risk treatment plans and external audit/certification initiatives such as SOC2, ISO 27001 and FedRAMP)
  • Plan and perform internal security and privacy audits to assess control design and effectiveness
  • Report on the status of compliance activities and develop metrics around the risk remediation program
  • Manage incoming and outgoing customer security and privacy information requests and questionnaires
  • Communicate with company workers on security awareness topics
  • Support, exhibit and grow corporate culture that is committed to Governance, Risk, and Compliance and information security best practices
  • Monitor for new compliance regulations, assess the impact to the organization, and work with the impacted business units to ensure compliance
  • Participate in 24x7 Information Security Response team

Requirements:

  • Knowledge of ISO 27001, FISMA, NIST and CSA CCM frameworks, as well as global data protection and privacy laws (GDPR)
  • Strong understanding of technologies and controls including those related to system, networking, and web application security
  • Experience with multi-tasking and fast paced work environments needed; strong time management skills
  • Action oriented with a passion for getting things done quickly, efficiently, and properly
  • Ability to work independently with minimal guidance while being a team player able to effectively manage a demanding workload across geographic and organizational boundaries
  • BA/BS degree in Computer Science or a related field and a minimum of 3 years experience in information security

A plus if you also have:

  • Hands-on experience with FedRAMP, SOC2 and/or ISO certification engagement
  • Technical working knowledge of Linux OS, Network Protocols (TCP/IP, HTTP, SMTP, DNS), Container technologies and Web security architecture, Firewalls, IAM, IDS/IPS, SIEM, Cryptography
  • Security certifications such as CISSP, CISM, CCSP, GSEC, CCIE
  • Project management certifications such as PMP

Apply for this Job

* Required