A large financial enterprise in Phoenix, AZ is looking for an Cloud Security Compliance Analyst to help the cloud team create governance models, process external audits, as well as centralize their findings. You will help keep the status of findings and remediations clearly tied up, helping document them throughout and ensure the audits are being directed ot the right stakeholders. Already established, the documentation process is called "cloud governance hosting approval process," so when a new application wants to move into the cloud, you can represent InfoSec in that hosting request process and bring back questions to organization to help determine the status and help aggregate it. This role requires heavy documentation and finding a single source and bringing to a larger scale.
External audits will play a huge part in this role as when auditors reach out to this team to understand how their cloud hosting process is within compliance, it will be on you to document, updated and report back.
Responsibilities broken down by duties in each area:
Cloud Governance
1. Maintain a centralized tracker of proposed onboardings into cloud platform and track the approvals from cloud governance
2. Understand the overall risk for cloud platforms to be able to represent cloud security team in governance process
Cloud Risk Management
1. Maintain a centralized risk posture for cloud platforms and ensure the remediation plan delivery is committed from stakeholders
2. Good Knowledge on Compliance frameworks to understand the overall risk and coverage of security requirements
Cloud Audit Support
1. Support cloud audits (second line, third line, External audits) to ensure right documentation is gathered by working with broader information security teams
2. Maintain the documentation provided for all cloud audits
Cloud Audit Remediation
1. Track the findings relates to cloud audits along with dependencies
2. Prepare the remediation plan with support from broader teams and work with audit teams to align.
3. Ingest the findings delivery into SAFE agile processes of impacted stakeholders
Remediation support for any cloud security governance related findings.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
-3+ years of Security Domain experience (Network, IAM, Application Security, Cloud Security, etc).
-2+ years of Cloud experience and Cloud Compliance Frameworks
-Understanding of audits, external audits and working with external parties
-Proficient in compliance and security compliance to ensure environments, applications, and processes are following frameworks and policies.
-Great documentation skills, along with good communication and presentation skills.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.