Product Analyst, Cloud Compliance
Palo Alto, CaliforniaJob ID R1907582 Date posted Jul. 09, 2019
As a VMware Cloud Compliance Analyst, you will implement our strategy to meet compliance expectations on a global scale. Your scope of work will include work in public sector, finance, healthcare and insurance delivering certifications including: GovCloud, FedRAMP, PCI, FINRA, FFIEC, IRAP, HIPAA HITECH and others.
The position will help implement, automate, document, and maintain controls while supporting and responding to inquiries from partners and regulators. You are someone that has a solid understanding of the broad aspects of compliance and can apply that knowledge on a global scale.
You be an essential member of the VMware Cloud product team that reports up to the VP of Product. Your goals will be directly linked to metrics such as achieving and maintaining certifications, risk assessments, collecting evidence, and cataloging in our GRC system.
- Complete evidence collection, audit testing and other analysis required to meet goals of audit projects.
- Perform assessments of security controls and operational processes to identify gaps and help implement mitigations.
- Identify, document, and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of the audit project.
- Design, develop and publish internal program frameworks, checklists, policy, processes, and procedures.
- Coordinate security assurance activities including notification and scheduling for all affected parties of engagements timing, scope, goals, approach and deliverables
- Help respond to external requests inquiring about the VMware Cloud on AWS Security and Compliance program including activities like audit management, evidence gathering, scoping, control walkthroughs, etc.
- BA/BS in Management Information Systems, Finance, Business, or Computer Science.
- Desired certification in one of the following areas: CISSP, CISA, CISM, GISO, GCIH, CIPP.
- Direct work experience with compliance audits in the last 3 years, including at least 1 of the following: SSAE 18 - SOC 1/2/3, ISO 27001, 27017, 27018, FedRAMP, NIST 800-53 framework.
- Security consulting or auditing experience or related professional services/consulting background.
- Experience delivering security and compliance assessments preferably for a major cloud provider is a plus.
- Proficient user of cloud based GRC and collaboration tools like Allgress, Confluence and Jira.
- We're team players. You'll do well if you're one too.
- Comprehensive healthcare plans
- PTO and family leave
- Retirement plans
** This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil, and therefore any offer will be contingent upon verification of both of these requirements
At VMware, we push the boundaries of what is possible. With VMware solutions, organizations are building unrivaled experiences by mobilizing everything and responding faster to opportunities. Our compute, cloud, mobility, networking, and security offerings provide a dynamic and efficient digital foundation for customers globally.
VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.