Our Mission – Securing the software that powers your world. At Veracode, we are focused on that mission every day. Veracode is recognized as a premier provider of SaaS-based application security solutions, transforming the way companies secure applications in today’s software driven world. We provide our customers with a solid foundation on which to build security into their modern agile development processes.
Veracode is seeking a highly-motivated, detail-oriented individual to join our Risk & Compliance Team. In this role, you will have the opportunity to help make our infrastructure, products, and customers more secure.
The role of Senior IT Risk/Compliance Analystwill include the following responsibilities:
Supports Service Organization Control (SOC 2/3) and internal audit requirements and activities by assisting in the planning and execution of assessments to minimize disruption on business processes and operational systems
Supports efforts to gather documentation and supporting evidence and facilitates external and internal audit requests
Assists with ongoing evaluation and implementation of proper controls to align with GDPR, Privacy Shield, PCI, NIST 800.53 and other relevant Privacy regulations
Assist with customer audits in collaboration with Sales/Services teams and supports maintenance of a database to facilitate timely responses.
Assists with security/compliance evaluations of Veracode vendors.
Assist with drafting of Information Systems policies and procedures and related documentation.
BS or MS in Computer Science, Engineering, or Information Security
5 or more years of progressive Information Security/ IT Audit work experience
Knowledge of risk assessment design and delivery
Familiarity with some relevant security frameworks such as FedRAMP, ISO 27001, GDPR, PCI, etc.
Proven experience building productive relationships with Technical Operations, Security Operations, Incident Response, Technical Compliance and other stakeholders
Ability to prioritize and multitask. Flexibility and adaptability in work approach.
Strong written and verbal communication skills.
Professional security management certification: CISSP or CISA preferred
Knowledge of / experience working with Cloud technologies/environments is a plus
The Veracode Way:
We Have a Passion and Commitment for Security
We consider security in everything we do. We act to preserve the trust our customers place in us.
We Help Our Customers Change the World
We deliver peace of mind to our customers so they can focus on the pursuit of their missions.
We Have Big Goals and Expect Big Outcomes
We are results driven. We take risks, compete boldly, and deliver valuable outcomes to our customers.
We Are Committed to Making Progress Together
We collaborate with each other, our user communities, our industry and together lead the world forward.
We Value Each Other
We value diversity. We have empathy for each other and assume positive intent.
We Are Proud to be Veracode
We have fun together. We honor who we are and work hard to achieve our potential.
You Change the World, We’ll Secure It!
Veracode is an equal opportunity employer and we celebrate diversity with a commitment to creating an inclusive environment. All applicants will be considered for employment without attention to race, religion, age, sex, gender identity, sexual orientation, national origin, veteran or disability status.
Veracode is the leader in the application security space, with the most comprehensive offering available. We take our mission to secure the software that powers your world seriously. Our award-winning, industry-leading products dominate the AppSec market.