eGain customer engagement solutions deliver digital transformation for leading brands – powered by virtual assistance, AI, knowledge, and analytics. Our comprehensive suite of applications helps clients deliver memorable, digital-first customer experiences in an omnichannel world. To find out more about eGain, visit https://www.egain.com.

POSITION: CLOUD SECURITY AND COMPLIANCE SPECIALIST

Location: Sunnyvale, CA

Experience: 10+ years

Job description

We are currently looking for Cloud Security and Compliance Specialist to be a part of our Information Security team in Sunnyvale, California.

Responsibilities

• Management and execution of eGain’s compliance programs for SOX, SOC, ISO, HIPAA, HITRUST, FedRAMP, PCI, IL2, GDPR, CCPA and other data privacy regulations
• Review, develop, execute, and maintain security policies and procedures for compliance
• Create and maintain security documents, including System Security Plan (SSP), risk assessments, compliance documents, whitepapers, sales artifacts, etc.
• Daily monitoring of security infrastructure, security logs, and tools
• Incident management and response
• Maintain and optimize security monitoring and alerting systems
• Review and influence the system and product architecture, and provide security-related recommendations
• Execute risk assessments and internal audits
• Respond and communicate with internal teams, customers, and prospects worldwide on information security questionnaires and inquiries
• Work with external auditors on regulatory and compliance program audits and assessments
• Track findings and work with internal and external teams on mitigation and remediation
• Align and consult on information security policies and procedures with key stakeholders including Sales, IT, Legal, Finance, Product, Engineering, and customers

Must-have qualifications

• 10+ years’ experience in an information security-related role, such as security analyst or security auditor
• 5 years’ experience conducting security control assessments or audits
• Bachelor’s degree in information systems, Information Technology, Computer Science (or professional experience working in Enterprise IT) or equivalent experience
• Professional security management certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other similar certification
• Deeply familiar with HITRUST, BAA, Sarbanes Oxley (SOX), NIST cybersecurity framework, FIPS, FISMA, ISO 27000 security standards, PCI, SOC2, FedRAMP and data protection regulations and requirements
• Experience with SIEM tools, methodologies, and best practices
• Experience with firewall, IPS/IDS tools, OWASP, FIM, DLP, Application Control, PAM (Privilege access management), vulnerability scanning tools and log analysis, and other infrastructure security tools
• Experience with risk management methodologies and frameworks
• Experience with and proven methods for managing the information security incident lifecycle, including incident response, mitigation, post-action reporting, and mapping a path forward
• Comfortable with ambiguity
• Able to work efficiently with cross-functional teams and manage numerous projects simultaneously under deadline pressure with minimal guidance
• Strong analytical, communication (verbal and written), and project management skills

Nice-to-have

• US government cybersecurity work experience is desirable
• US government clearance
• Working knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec, etc.)
• Basic cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, SSH, VLAN, etc.)
• Familiarity with AWS and Azure security models

To apply

Send your resume and cover letter in MS Word, to vsingh@egain.com, and include the position in the subject line of the email.