Threat Level: green Handler on Duty: Russ McRee

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Vendor Security Analyst
Company Zendesk
Location Madison, WI or Remote
Preferred GIAC Certifications GSEC
Travel 0%
Salary Not provided
URL https://jobs.zendesk.com/us/en/job/R13485/Vendor-Security-Analyst
Contact Name Maarten Van Horenbeeck
Contact Email mvanhorenbeeck/at/zendesk.com
Expires 2020-11-22

Job Description

Would you like to work on a lively yet sophisticated Security team for a SaaS company that’s constantly pushing forward? Zendesk is looking for a Security Analyst with solid communication and analytical skills to help us protect our internal partners, our products and our customers by being able to identify and mitigate security risks that may arise with our vendors through a variety of ways. We are seeking someone who can master a very sophisticated craft while simultaneously demonstrating empathy, friendliness, compassion, and a willingness to always go above and beyond: someone with a mixture of technical prowess, relentless positivity and an eye towards solving problems, creatively and collaboratively. The world of security moves fast and the world of SaaS moves even faster. In addition to aforementioned qualities, we need a self-motivator to stay on top of the shifting ground beneath their feet to stay ahead of security, technology, our controls, and the Zendesk family of products.

You should be approachable and inspiring as you will be one of the public faces of our team and sometimes Zendesk itself. You should have a general understanding of security concepts, security compliance, possess premier communication skills, and be able to translate sophisticated ideas to a wide variety of audiences. The ability to remain succinct and yet instructive is key.

What you will get to do here:

- Work with a large number internal partners (Procurement, Legal and purchasing teams) to ensure new and existing vendors meet the necessary security requirements to provide services at Zendesk
- Understand Zendesk security processes and the application of those processes at as it relates to our vendors and certain compliance controls
- Evaluate the security of new and existing vendors by reviewing user documentation and various legal documents
- Draft and negotiate security agreements
- Work closely with internal stakeholders to educate and guide them on best security practices as it relates to using third-party tools and outside services
- Assist in maintaining our current knowledge base, Security Policies, SOC 2 controls, and internal-facing documentation.
- Work on project based deliverables when called upon to do so.
- Help update knowledge bases and work you're doing to keep them current with processes or products.

What you bring to the role:

- General knowledge of information security concepts, risks, and corresponding mitigation strategies
- Either (i) 1 year in a Security department role, (ii) graduate of a Security program, or (iii) hold a security certification
- Familiarity with legal agreements, audit controls and risk & compliance
- Elite communication skills with the ability to deliver and state complex concepts
- Excellent analytical skills and the ability to tackle problems creatively
- Tight-knit collaboration, planning, and prioritization skills
- Strong self-motivation abilities
- Friendly and positive demeanor
- Strong ethical standards
- A security certification such as the GSEC