Cornerstone OnDemand - Providence, RI

posted 3 months ago

Full-time
Providence, RI
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

The Cybersecurity Analyst is a hands-on role that involves evaluating and enforcing security and compliance controls. This position plays an integral role in protecting Cornerstone OnDemand from internal and external threats and works closely with our technology teams to define security best practices, perform architecture and design reviews and threat modeling, conduct security assessments, and support the identification, interpretation, and remediation of vulnerabilities across Cornerstone's tech stack. To be successful in this role, the Cybersecurity Analyst should have a strong background in information security and a proven track record of delivering under pressure and meeting deadlines.

In this role, you will work closely with the Global Information Security and Compliance team to implement security standards across the organization. You will perform security and compliance assessments of IT systems and evaluate the design of technical controls and operating procedures against best practices. It is essential to ensure the application of a transparent, consistent, and well-reasoned methodology to evaluate security and compliance controls. Findings and evidence are collected, reviewed, and presented in a clear and concise manner. Building rapport with a cross-functional team of stakeholders is crucial to ensure findings are prioritized and addressed, balancing business needs, security best practices, and compliance requirements effectively. You will maintain and create documentation related to security technologies and compliance requirements, document security-related policies and procedures, and follow up to validate accurate implementation. Additionally, you will assist in responding to internal and external audits, along with on-demand security assessments. Researching emerging technology in support of security enhancement and development efforts will also be part of your responsibilities. You will facilitate the use of technology-based tools or methodologies to review, design, and/or implement reviews. Embracing a culture of excellence, combining humility with ambition, is key to thriving in this role. As a rockstar, you will be willing to take on additional responsibilities as needed.

Responsibilities

  • Work closely with the Global Information Security and Compliance team to implement security standards across the organization.
  • Perform security and compliance assessments of IT systems and evaluate the design of technical controls and operating procedures against best practices.
  • Ensure the application of a transparent, consistent, and well-reasoned methodology to evaluate security and compliance controls.
  • Build rapport with a cross-functional team of stakeholders to ensure findings are prioritized and addressed; balance business needs, security best practices, and compliance requirements effectively.
  • Maintain and create documentation related to security technologies and compliance requirements.
  • Assist in response to internal and external audits, along with on-demand security assessments.
  • Research emerging technology in support of security enhancement and development efforts.
  • Facilitate the use of technology-based tools or methodologies to review, design, and/or implement reviews.
  • Embrace a culture of excellence, combining humility with ambition.
  • Take on additional responsibilities as needed.

Requirements

  • US citizenship, which is required to work in Cornerstone's US Federal and DoD environments.
  • A willingness to obtain a US Government security clearance if required.
  • A bachelor's degree in IT/Computer Science or related field or equivalent experience.
  • Four or more years of experience in a technology, IT security and/or compliance role.
  • Experience in working with compliance and regulatory program requirements, such as technical controls supporting SOC 2, ISO 27001, FISMA/FedRAMP, CSA STAR, PCI, etc.
  • Solid familiarity with general enterprise technology, with a focus on security and compliance, such as architecture, firewalls, routers, load balancers, operating systems, SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, perimeter access controls, logical access controls, identity and access management (IAM), data loss prevention, application firewalls, vulnerability scanners, and security incident response.
  • Experience with application security tools and vulnerability management, such as SAST, DAST, penetration testing, container security, open source vulnerability management, etc.
  • Proven project management and organizational skills, specifically managing multiple concurrent projects and/or clients.
  • Excellent analytical, problem solving and decision-making skills, applied with a solution-focused attitude.
  • Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy.