Senior Compliance Analyst - Federal Programs

San Jose, CA, United States

Applications have closed

Zscaler

Zscaler is the leader in cybersecurity and zero trust digital transformation. Transform your IT and security needs with the best CASB and SASE solutions.

View company page

Company Description

Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company’s cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. 

The Zscaler Zero Trust Exchange uses software-defined business policies, not appliances, to securely connect the right user to the right application, regardless of device, location, or network. Zscaler operates 4 pillars of Trust Exchange. Zscaler Internet Access™ which scans every byte of traffic to ensure that nothing bad comes in and nothing good leaks out. Zscaler Private Access™ offers authorized users secure and fast access to internal applications hosted in the data center or public clouds—without a VPN. Zscaler Cloud Workload Protection, to identify and remediate risks associated with customer’s cloud infrastructure. Zscaler Workload Segmentation provides micro-segmentation of processes across multiple systems with Machine Learning based policy.

Zscaler services are 100% cloud delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, the Zscaler multi-tenant, distributed security cloud protects thousands of customers from cyberattacks and data loss, enabling customers to embrace the agility, speed, and cost containment of the cloud—securely.

Hybrid work opportunity for local SF Bay Area candidates! Come and join our team and be a part of this exciting transformation to cloud-based security!

Job Description

The Zscaler Compliance team is looking for a self-motivated and goals oriented Senior Compliance Analyst to support the federal compliance programs. As part of this role, you will be hands-on with continuous monitoring activities while also contributing to broader federal compliance initiatives. 

The Senior Compliance Analyst possesses a fundamental understanding of:

  1. Federal compliance certifications (e.g., FedRAMP, StateRAMP, DoD IL5) and the related requirements (e.g., NIST 800-53 Rev 5, FIPS 140-2, DoD CC SRG). 
  2. The various cloud computing services (e.g., IaaS, PaaS, SaaS) and their inner workings
  3. Technologies and processes used to satisfy critical control implementations (e.g., federal mandates) 

With this fundamental understanding the Senior Compliance Analyst is capable of:

  • Assisting with the overall execution of maintaining existing certifications (e.g., continuous monitoring, annual audits)
  • Assisting with the overall execution of obtaining new certifications (e.g., scoping/requirements gathering)
  • Creating and updating documents relevant to federal certifications (e.g., SSP, POA&M)
  • Performing cross-functional interviews with internal/external stakeholders to determine if system security controls are implemented correctly, operating as intended, and producing the desired outcome
  • Analyzing vulnerability scan reports across all layers in accordance with FedRAMP Vulnerability Scanning Requirements Guidance
  • Identifying security controls that are impacted as part of ongoing changes to the system
  • Assisting with internal compliance automation intiatives (e.g., GRC tools)
  • Supporting other commercial compliance certifications as needed (e.g., SOC 2, ISO 27001)

Qualifications

  • 3-5 years of direct FedRAMP experience at a professional service firm and/or CSP
  • Bachelor’s degree in Information Technology (e.g., CIS, CS) or relevant field Skills and Experience
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) preferred
  • Strong ability to communicate verbally and in writing to technical/non-technical audiences
  • Proven ability to prioritize tasks in a highly dynamic work environment
  • Desire to work at the next level

Additional Information

The base salary range for this full-time position is $100,750 to $155,000 + bonus + equity + benefits.

Zscaler’s salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training.
 

#LI-LG1  #Hybrid

What You Can Expect From Us:

  • An environment where you will be working on cutting edge technologies and architectures
  • A fun, passionate and collaborative workplace
  • Competitive salary and benefits, including equity

Why Zscaler?

People who excel at Zscaler are smart, motivated and share our values. Ask yourself: Do you want to team with the best talent in the industry? Do you want to work on disruptive technology? Do you thrive in a fluid work environment? Do you appreciate a company culture that enables individual and group success and celebrates achievement? If you said yes, we’d love to talk to you about joining our award-winning team. 

Additional information about Zscaler (NASDAQ: ZS ) is available at https://www.zscaler.com

Zscaler is proud to be an equal opportunity and affirmative action employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please contact us by sending an email to accommodations@zscaler.com.   This email address is used specifically for accommodation requests only, and resumes, CV's, or questions other than accommodations will not be replied to or accepted.

 

Tags: Agile Audits Automation CISA CISSP Cloud Compliance DoD FedRAMP FIPS 140-2 IaaS ISO 27001 Machine Learning Monitoring NIST NIST 800-53 PaaS POA&M SaaS SOC SOC 2 System Security Plan VPN Zero Trust

Perks/benefits: Career development Competitive pay Equity Health care Salary bonus Team events

Region: North America
Country: United States
Job stats:  6  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.