Information Security and Compliance Specialist
Hundreds of global brands trust eGain to automate customer engagement and empower employees in a digital-first world. Powered by knowledge and AI, our solution is top-rated by Gartner and Forrester.
We dream big and sweat details. We are diverse, optimistic, and tenacious. We take pride in what we do but we don’t take ourselves too seriously. If work is fun for you, talk to us. We will not waste your time.
POSITION: INFORMATION SECURITY AND COMPLIANCE SPECIALIST
Location: Sunnyvale, CA
Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems. Maintains hardware, software, and network firewalls and encryption protocols. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems, and/or networks. Responds to cybersecurity breaches, identifies intrusions, and isolates, blocks, and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding the impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
- Daily monitoring of security infrastructure, security logs and tools.
- Maintain and optimize security monitoring and alerting systems.
- Review system designs and architectures and make security-related recommendations
- Review, develop, execute, and maintain security policies and procedures
- DSS, SOX, SOC, HIPAA and GDPR compliance management.
- Execute risk assessments and internal audits
- Respond to customer questionnaires and inquiries
- Support Sales and Pre-Sales team (and travel within Europe with them as needed) in sales situations with customers, prospects, and partners on information security related matters for eGain Cloud
- Track findings and work with teams to remediate risks
- Maintain security documents including Compliance documents, whitepapers, sales artifacts, etc.
- Align and consult with key stakeholders including Sales, IT, Legal, Finance, Product, Engineering, and Operations
Education and Experience
- 5+ years’ experience in an information security related role, such as security analyst or security auditor
- 3 years’ experience conducting security control assessments or audits
- Bachelor’s degree in Information Systems, Information Technology, Computer Science (or professional experience working in Enterprise IT) or equivalent experience.
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar certification
- Deeply familiar with HIPAA Compliance, Sarbanes Oxley (SOX), NIST cybersecurity framework, ISO 27000 security standards, SOC2, FedRAMP and data protection regulations and requirements
- Experience with central logging tools, methodologies, and best practices.
- Experience with firewall technologies, IPS/IDS tools, OWASP, vulnerability scanning tools, and other infrastructure security tools.
- Experience with risk management methodologies and frameworks
- Strong analytical, strategic, communication (verbal and written), and project management skills
- Self-motivated, flexible, and eager to constantly improve and expand skill set.
- Ability to work with multiple customers, context switch, learn fast, and communicate well
- Basic cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, VLAN, etc.)
Nice to have
- Government Cyber Security work experience
- Working knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec, etc.)
- Basic knowledge of Azure and AWS security models
Our Hiring Process is “Easy with eGain”
Step 1: Written test (should take roughly 120 minutes of your time)
- Aptitude section
- Functional section
We will let you know within 2 business days of your taking the test if you have progressed to the interview stage. The interview will be scheduled no later than 7 calendar days after the test.
Step 2: Panel interview (max 60 minutes)
Step 3: Selection: You will receive a written offer, if selected, within 3 days of the interview.
Email your resumé to firstname.lastname@example.org with the position title “Information Security and Compliance Specialist” in the email subject.