Senior Compliance Analyst - Federal
San Jose, CA, United States
Full Time Senior-level / Expert USD 100K - 155K
ZscalerZscaler, creator of the Zero Trust Exchange platform, helps you reduce business risk while enabling you to realize the promise of digital transformation.
Due to the nature of the work, US citizenship is required.
Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company’s cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
The Zscaler Zero Trust Exchange uses software-defined business policies, not appliances, to securely connect the right user to the right application, regardless of device, location, or network. Zscaler operates 4 pillars of Trust Exchange. Zscaler Internet Access™ which scans every byte of traffic to ensure that nothing bad comes in and nothing good leaks out. Zscaler Private Access™ offers authorized users secure and fast access to internal applications hosted in the data center or public clouds—without a VPN. Zscaler Cloud Workload Protection, to identify and remediate risks associated with customer’s cloud infrastructure. Zscaler Workload Segmentation provides micro-segmentation of processes across multiple systems with Machine Learning based policy.
Zscaler services are 100% cloud delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, the Zscaler multi-tenant, distributed security cloud protects thousands of customers from cyberattacks and data loss, enabling customers to embrace the agility, speed, and cost containment of the cloud—securely.
Hybrid work opportunity for local SF Bay Area candidates! Come and join our team and be a part of this exciting transformation to cloud-based security!
The Zscaler Compliance team is looking for a self-motivated and goals oriented Senior Compliance Analyst to support the federal compliance programs. As part of this role, you will be hands-on with continuous monitoring activities while also contributing to broader federal compliance initiatives.
The Senior Compliance Analyst possesses a fundamental understanding of some of the following:
- Federal compliance certifications (e.g., FedRAMP, StateRAMP, DoD IL5) and the related requirements (e.g., NIST 800-53 Rev 5, FIPS 140-2, DoD CC SRG).
- The various cloud computing services (e.g., IaaS, PaaS, SaaS) and their inner workings
- Technologies and processes used to satisfy critical control implementations (e.g., federal mandates)
With this fundamental understanding the Senior Compliance Analyst is capable of:
- Assisting with the overall execution of maintaining existing certifications (e.g., continuous monitoring, annual audits)
- Assisting with the overall execution of obtaining new certifications (e.g., scoping/requirements gathering)
- Creating and updating documents relevant to federal certifications (e.g., SSP, POA&M)
- Performing cross-functional interviews with internal/external stakeholders to determine if system security controls are implemented correctly, operating as intended, and producing the desired outcome
- Analyzing vulnerability scan reports across all layers in accordance with FedRAMP Vulnerability Scanning Requirements Guidance
- Identifying security controls that are impacted as part of ongoing changes to the system
- Assisting with internal compliance automation intiatives (e.g., GRC tools)
- Supporting other commercial compliance certifications as needed (e.g., SOC 2, ISO 27001)
- Due to the nature of the work, US citizenship is required.
- 3-5 years of direct FedRAMP experience at a professional service firm and/or CSP
- Bachelor’s degree in Information Technology (e.g., CIS, CS) or relevant field Skills and Experience
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) preferred
- Strong ability to communicate verbally and in writing to technical/non-technical audiences
- Proven ability to prioritize tasks in a highly dynamic work environment
- Desire to work at the next level
The base salary range for this full-time position is $100,750 to $155,000 + bonus + equity + benefits.
Zscaler’s salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training.
What You Can Expect From Us:
- An environment where you will be working on cutting edge technologies and architectures
- A fun, passionate and collaborative workplace
- Competitive salary and benefits, including equity
People who excel at Zscaler are smart, motivated and share our values. Ask yourself: Do you want to team with the best talent in the industry? Do you want to work on disruptive technology? Do you thrive in a fluid work environment? Do you appreciate a company culture that enables individual and group success and celebrates achievement? If you said yes, we’d love to talk to you about joining our award-winning team.
Additional information about Zscaler (NASDAQ: ZS ) is available at https://www.zscaler.com.
Zscaler is proud to be an equal opportunity and affirmative action employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please contact us by sending an email to email@example.com. This email address is used specifically for accommodation requests only, and resumes, CV's, or questions other than accommodations will not be replied to or accepted.
Tags: Agile Audits Automation CISA CISSP Cloud Compliance DoD FedRAMP FIPS 140-2 IaaS ISO 27001 Machine Learning Monitoring NIST PaaS SaaS SOC SOC 2 System Security Plan VPN
Perks/benefits: Career development Competitive pay Equity Health care Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Operations Analyst jobs
- Open Senior SOC Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open SOC Analyst jobs
- Open Staff Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Manager Pentest H/F jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open IT Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open IT Security Specialist jobs
- Open Infosec Risk Manager jobs
- Open Cyber Program Manager jobs
- Open o365 Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Staff Information Security Engineer jobs
- Open Cyber Hunt SME jobs
- Open Information System Security Officer (ISSO) jobs
- Open Senior Security Operations Engineer jobs
- Open Agile-related jobs
- Open SIEM-related jobs
- Open GCP-related jobs
- Open Clearance-related jobs
- Open Risk assessment-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Java-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs
- Open Cryptography-related jobs
- Open CISA-related jobs
- Open Encryption-related jobs