Companies

${ company.text }

Be the first to rate this company Not yet rated ${ company.score }

Career Resources

${ getArticleTitle(article) }

Topics

${ tag.display_name }

Community

${ getCommunityPostText(community_post) }

Writers

${ author.full_name }

${ author.short_bio }

InHerSight logo
Jobs Community For Employers

Join InHerSight's growing community of professional women and get matched to great jobs and more!

Sign up now

Already have an account? Log in ›

Palo Alto Networks logo

Palo Alto Networks

4.2 | Santa Clara, CA | Computer & Network Security | 5001 to 10000 Employees
Posted 2 months ago on Aug. 25, 2020

Sr. Information Security and Compliance Analyst

Full-time in Santa Clara, CA (Can work remote)
Is it a match?
See at-a-glance how well companies like Palo Alto Networks support the things that are important to you.
The People You Work With
4.5
Overall Satisfaction
4.5
Paid Time Off
4.4
Flexible Work Hours
4.4
Equal Opportunities for Women and Men
4.4
Palo Alto Networks is a computer & network security company headquartered in the Santa Clara, CA area with 5001 to 10000 employees. Palo Alto Networks has a 4.2-star InHerSight Score, based on 1,186 ratings from 80 employees. Employees have left 28 comments about their experiences working for the company on InHerSight.

Company Description

Our Mission

At Palo Alto Networks® everything starts and ends with our mission: protecting our way of life in the digital age by preventing successful cyberattacks. It’s not a small goal. It isn’t simple either, but we aren’t in this for the easy answer. As a company with a foundation in challenging the way things are done, we’re looking for innovators with a dedication to THE best. In return, your career will have a tangible impact - one that's working toward technology that affects every level of society.

Our mission doesn’t happen by treading softly.  It happens by defining an industry. It means building products that haven't been thought of. It means selling products with a solutions mindset. It means supporting the infrastructure of a company that moves at an incredible speed…intentionally…to stay ahead of the world’s next cyberthreat.

Job Description

Your Career 

We are seeking a Sr. Information Security and Compliance Analyst to join our Information Security team and partner with Palo Alto Networks business groups to improve our global information security posture. In this role, you will report to the Director of Risk & Compliance and work directly with key stakeholders and leaders across the organization to identify, monitor and report upon security risks to drive business action.  

You will join a team of experienced, out-of-the-box thinkers and create programs that deliver real security results.  Your primary focus will be to Centralize Control Failures (Against an internally developed Common Control Framework) identified by Security & Compliance functions and effectively communicate Risks to the Business & Risk Committee. In addition, enable top-down risk remediation and bottom-up issue remediation. Palo Alto Networks is a fast-paced, post startup environment and part of your success will lie in your willingness to learn and drive change across the organization through demonstrating our core values - Disruption, Execution, Collaboration, Integrity, and Inclusion.

Your Impact 

  • Assist in the development, implementation, and operationalization of Palo Alto Networks’ Risk Management data model, data store and reporting platform

  • Establish procedural and technical relationships with Information Security & Compliance functions at Palo Alto Networks, ensuring that all risk is reported centrally and uniformly. 

  • Maintain and improve our risk register and reporting to all levels of the organization (i.e. Executive, Management, Stakeholders, and Information Security Leadership)

  • Assist in the development, implementation, and operationalization of automating compliance activities through innovation and use of Palo Alto Networks Products to help our practice scale and innovate the risk management space. 

  • Continuously improve our existing tooling and processes by enhancing our tooling integrations, configurations and usability

  • Develop and facilitate audit methodologies for testing and monitoring security and data privacy control implementation across technology environments

Additional Responsibilities:

  • Work closely with Information Security Architecture, Engineering and relevant Security Operations teams to deliver upon technical risk assessments. 

  • Perform gap analysis and security risk assessments to determine if business systems are aligned with regulatory requirements, industry standards, best practices and internal information security policies, procedures, and standards

  • Advise control owners in the development of remediation plans to meet the requirements of compliance and/or regulatory measures, including identification of mitigating or compensating controls

  • Drive accountability for risk remediation with internal customers (i.e. Engineering, DevOps, IT, Information Security)

  • Build and cultivate positive working relationships with internal customers

  • Support, exhibit and grow corporate culture that is committed to Governance, Risk, and Compliance and information security best practices

Qualifications

Your Experience

  •  5-8 years information security Governance Risk and Compliance / information security assurance experience 
  • Demonstrated knowledge and experience with information security frameworks (FedRAMP, ISO 27001/2, PCI DSS, SOC2) and industry best practices (NIST, SANS, CIS) 

  • Experienced in both qualitative and quantitative risk assessment methodologies 

  • Exposure to a broad range of technical controls such as logical access control, agile development process, secure coding principles, security architecture, information security, network security

  • Strong cross-functional team program management abilities, including managing multiple assessments concurrently with different stakeholders and timelines 

  • Strong collaborative spirit and demonstrated success in a team-driven environment

  • Ability to approach problems with an innovative, can-do attitude

Preferred Qualifications:

  • Big 4/information security consulting experience is a plus

  • At least 3 years experience as a lead managing third party audits (SOX, PCI, SOC2) or technology focused risk assessments and remediation management

  • Demonstrated understanding and experience assessing complex cloud and on-premise technology environments, architecture and data flows

  • Other education, certifications (CISSP, CISA, CISM, SANS GSEC, etc.) and experience

  • Understanding of SQL, BigQuery and Data Studio, a plus

Education

  • Bachelor's degree from four-year college or university; or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc.

Additional Information

The Team

Think about it, security for an information security company. Working at a high-tech cybersecurity company within the Information Security team is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. To learn more about our culture and dedication to inclusion and innovation, visit our careers page.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

Additionally, we are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or an accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Learn more about the amazing work experience at Palo Alto Networks here! 

 

 

#LI-MT1 

All your information will be kept confidential according to EEO guidelines.

Share this job