Zoom Corporation

Lead Security GRC Engineer

Zoom Corporation, Harrisburg, Pennsylvania, US, 17124


What you can expect

Zoom is looking for a Lead Security GRC Engineer whose main focus will be on automating control evidence gathering and continuous testing. This role is responsible for providing security assessments, gap analyses, and recommendations around technical security control implementations across multiple software products, supporting infrastructure technologies, and business processes. They will work with the Security Risk team to aid in control risk management and help mature our control governance program.

About the Team

As part of the Security GRC Technology team, you'll work alongside other Security Assurance teams and Detection and Monitoring teams. You will collaborate to define and implement compliance monitoring tooling capabilities to support continuous improvement of our security control environment. You will also be responsible for ensuring Zoom’s security posture aligns with Zoom's commitment to protect customers, employees, business operations, and compliance with regulatory mandates.

Responsibilities

Expanding automated evidence gathering and continuous control testing through integrations with our GRC platform.

Contributing to the development and maturation of our existing security controls program.

Working with software engineers, DevOps and infrastructure teams, product owners, Legal stakeholders, and other teams across security to implement and develop security requirements and controls.

Evaluating, documenting, and communicating business risk in the context of control designs and gaps alongside our Security Risk Management team.

Maintaining and optimizing security compliance monitoring and alerting systems; aggregating compliance alerts and advising control owners on system policy violations.

Working with release management and program managers to perform critical data security reviews over newly released products and features.

What we’re looking for

Have 6 to 8 years of experience in professional roles focusing on cybersecurity.

Have the ability to clearly communicate technical issues to non-technical audiences and others with varying backgrounds internally and/or externally.

Have familiarity with setting up APIs and Webhooks, at least one scripting language, and at least one public cloud architecture and control tool.

Will have familiarity with risk management methodologies and common security controls frameworks, such as NIST SP800-53, ISO 27001/27002, CIS Critical Controls.

Have a background of administering and implementing GRC tooling.

Experience with security compliance monitoring tools/solutions offered natively in AWS, SIEM tools, GRC platforms, vulnerability scanning tools, PAM (Privileged Access Management), and other infrastructure security tools.

Salary Range or On Target Earnings:

Minimum:

$118,600.00

Maximum:

$259,500.00

In addition to the base salary and/or OTE listed, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location-based compensation structure; there may be a different range for candidates in this and other locations.

At Zoom, we offer a window of at least 5 days for you to apply because we believe in giving you every opportunity. Below is the potential closing date, just in case you want to mark it on your calendar. We look forward to receiving your application!

Anticipated Position Close Date:

11/11/24

Ways of Working

Our structured hybrid approach is centered around our offices and remote work environments. The work style of each role, Hybrid, Remote, or In-Person is indicated in the job description/posting.

Benefits

As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. Click Learn (https://careers.zoom.us/benefits) for more information.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best collaboration platform for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars. We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

Our Commitment

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law.

If you need assistance navigating the interview process due to a medical disability, please submit an Accommodations Request Form (https://form.asana.com/?k=OIuqpO5Tv9XQTWp1bNYd8w&d=1127274756253361) and someone from our team will reach out soon. This form is solely for applicants who require an accommodation due to a qualifying medical disability. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed.

#LI-Remote