Security Analyst

Ottawa, ON

Fuze, Inc. logo
Fuze, Inc.
Apply now Apply later

Posted 1 month ago

We're on a mission to transform global workplace communication, and we need your help.  How
do you prefer to collaborate with your colleagues? By phone, video, instant message, or even
text? Fuze is making it easy for businesses to embrace the modern, mobile workforce. We offer a
single cloud-based platform that includes these technologies and more for simple, smart
communication that works. Headquartered in Boston, MA with offices and customers
worldwide, we're growing at a lightning-fast speed to meet the demands of the evolving unified
communications as a service
(UCaaS) market!

The Security Analyst reports to the Director of Information Security and is tasked with providing
timely and quality service to ensure that IT security, privacy and compliance risks are adequately
identified, communicated, mitigated and/or tracked for remediation.  This position will support
IT global risk and compliance projects, and contribute to the information security compliance
program.

Responsibilities include: 


● Assist with the planning, execution, gathering of evidence, and reporting for audits,
attestations, and regulatory requirements across the globe; work cross-functionally to
ensure processes and procedures are followed and align with audit requirements
● Lead penetration testing and source code scanning, provide remediation
recommendations and/or propose alternate solutions to resolve exceptions to privacy and
security standards, and document activities and exceptions in the risk management
program
● Perform security risk assessments according to the Fuze Security Risk Framework, as
needed
● Triage, and drive to closure in a timely manner, security inquiries/questionnaires which
are received on a regular basis
● Research and maintain a knowledge base regarding information security issues, solutions
and potential implications
● Work with teams at Fuze to ensure remediation of potential vulnerabilities; perform ad
hoc testing and investigations as needed to better the platform security posture
● Provide security governance and advisory services to business units and project teams
while building and maintaining relationships
● Maintain a continuous process improvement work environment and metrics reporting
process while executing security risk assessments in accordance with industry standards
and best practices

Qualifications

● Communicate effectively orally and in writing and express conclusions and
recommendations in a clear, technically sound manner, with teammates, management,
and customers
Requirements:
● Minimum 5 years of hands-on technology risk, security and/or governance experience, or
equivalent relevant experience
● Bachelor degree in Information Systems or related field or an equivalent combination of
education and experience
● Experience with pentesting tools and related applications (NESSUS, Metasploit, Nmap,
Wireshark, etc)
● Experience with source code repositories and scanning tools (e.g. Veracode, Github, etc.)
● Experience in Linux and Windows is required and the AWS platform is a plus
● Understanding of IT governance, information security policies, standards, industry best
practices
● Understanding of security/risk frameworks (e.g. ISO 27K, NIST 800 series, COBIT,
etc.), regulatory compliance (e.g. SOX, SOC 1/2/3, PCI, etc.) and privacy (EU Data
Protection, Binding Corporate Rules, Privacy Shield, etc.) regulations from a global
perspective
● CISSP, CISA, CISM or equivalent designation preferred but not required
● Understanding of IT infrastructure, network security, and/or working within IT security is
a plus
● Experience working within a Risk Management methodology a plus
● Experience working in a UCaaS, SaaS, or IaaS environment a plus
● Demonstrated excellent written and communication skills
● Demonstrated organizational skills with respect to time management and work
production
● Must be able to multi-task, work independently and as part of a team, share workloads,
and deal with sudden shifts in project priorities. Must be a team player who shows respect
for others.

Job tags: Audits AWS CISA CISM CISSP CoBIT Compliance IaaS ISO 27k Linux Metasploit Nessus Network security NIST Nmap PCI Penetration testing Risk management SaaS SOC 1 Vulnerabilities Windows
Job region(s): North America
Job stats:  18  4  0
Share this job: