Senior Compliance Analyst - California, United States - Zscaler


    2 weeks ago

    Description
    **This role requires U.S. Citizenship**

    Location: Remote within the U.S.

    Job Description


    The Zscaler Compliance team is looking for a self-motivated and goal-oriented Senior Compliance Analyst to support the Federal compliance programs.

    As part of this role, you will be hands-on with continuous monitoring activities while also contributing to broader Federal compliance initiatives.

    The Senior Compliance Analyst possesses a fundamental understanding of:


    Federal compliance authorizations (e.g., StateRAMP, FedRAMP, DoD IL5) and the related requirements (e.g., NIST Rev 5, NIST 800-63, FIPS, DoD CC SRG).

    The various cloud computing services (e.g., IaaS, PaaS, SaaS) and their inner workings.

    Technologies and processes used to satisfy critical control implementations (e.g., Federal mandates).

    With this fundamental understanding the Senior Compliance Analyst is capable of:

    Assisting with the overall execution of maintaining existing authorizations (e.g., continuous monitoring, annual audits).

    Assisting with the overall execution of obtaining new authorizations (e.g., scoping/requirements gathering).

    Creating and updating documents relevant to Federal authorizations (e.g., SSP, POA&M).


    Performing cross-functional interviews with internal/external stakeholders to determine if system security controls are implemented correctly, operating as intended, and producing the desired outcome.

    Analyzing vulnerability scan reports across all layers in accordance with FedRAMP Vulnerability Scanning Requirements Guidance.

    Assisting in the development of ongoing significant change request documentation (SIA forms, SCR forms, supplemental narratives, diagrams).

    Assisting with internal compliance enhancement initiatives (e.g., GRC tools, access management, common Federal controls framework).

    Qualifications

    3-5 years of direct FedRAMP experience at a professional services firm and/or CSP.

    Bachelor's degree in information technology (e.g., CIS, CS) or relevant field.

    Skills and Experience

    Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) preferred.

    Strong ability to communicate verbally and in writing to technical/non-technical audiences.

    Proven ability to prioritize tasks in a highly dynamic work environment.

    Desire to work at the next level.
