Cloud Security and Compliance Specialist

eGain customer engagement solutions deliver digital transformation for leading brands – powered by virtual assistance, AI, knowledge, and analytics. Our comprehensive suite of applications helps clients deliver memorable, digital-first customer experiences in an omnichannel world. To find out more about eGain, visit https://www.egain.com.


Location: Sunnyvale, CA

Experience: 10+ years

Job description

We are currently looking for a Cloud Security and Compliance Specialist to be a part of our Information Security team in Sunnyvale, California.


  • Management and execution of eGain’s compliance programs for SOX, SOC, ISO, HIPAA, HITRUST, FedRAMP, PCI, IL2, GDPR, CCPA and other data privacy regulations
  • Review, develop, execute, and maintain security policies and procedures for compliance
  • Create and maintain security documents, including System Security Plan (SSP), risk assessments, compliance documents, whitepapers, sales artifacts, etc.
  • Daily monitoring of security infrastructure, security logs, and tools
  • Incident management and response
  • Maintain and optimize security monitoring and alerting systems
  • Review and influence the system and product architecture, and provide security-related recommendations
  • Execute risk assessments and internal audits
  • Respond and communicate with internal teams, customers, and prospects worldwide on information security questionnaires and inquiries
  • Work with external auditors on regulatory and compliance program audits and assessments
  • Track findings and work with internal and external teams on mitigation and remediation
  • Align and consult on information security policies and procedures with key stakeholders including Sales, IT, Legal, Finance, Product, Engineering, and customers

Must-have qualifications

  • 10+ years’ experience in an information security-related role, such as security analyst or security auditor
  • 5 years’ experience conducting security control assessments or audits
  • Bachelor’s degree in Information Systems, Information Technology, Computer Science (or professional experience working in Enterprise IT) or equivalent experience
  • Professional security management certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other similar certification
  • Deeply familiar with HITRUST, BAA, Sarbanes-Oxley (SOX), NIST Cybersecurity Framework, FIPS, FISMA, ISO 27000 security standards, PCI, SOC2, FedRAMP and data protection regulations and requirements
  • Experience with SIEM tools, methodologies, and best practices
  • Experience with firewall, IPS/IDS tools, OWASP, FIM, DLP, Application Control, PAM (Privileged Access Management), vulnerability scanning tools and log analysis, and other infrastructure security tools
  • Experience with risk management methodologies and frameworks
  • Experience with and proven methods for managing the information security incident lifecycle, including incident response, mitigation, post-action reporting, and mapping a path forward
  • Comfortable with ambiguity
  • Able to work efficiently with cross-functional teams and manage numerous projects simultaneously under deadline pressure with minimal guidance
  • Strong analytical, communication (verbal and written), and project management skills


  • US government cybersecurity work experience is desirable
  • US government clearance
  • Working knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec, etc.)
  • Basic cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, SSH, VLAN, etc.)
  • Familiarity with AWS and Azure security models

To apply

Send your resume and cover letter in MS Word format to vsingh@egain.com, and include the position in the subject line of the email.