Security / Compliance Analyst - Remote

Basic Information

Country

United States

State

NA

Date Published

21-Jun-2022

Job ID

34348

Travel Amount

None
This role can be based remotely in United States

Description and Requirements

#LI-JR1
BMC works with 86% of the Forbes Global 50 and customers and partners around the world to create their future. With our history of innovation, industry-leading automation, operations, and service management solutions, combined with unmatched flexibility, we help organizations free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead.
BMC Software is looking for a motivated and skilled individual to join the corporate IS&T SaaS Security Compliance team.  The IT Security Compliance professional will be responsible for ensuring that the security capabilities and posture of the cloud services provided by the SaaS Security team is in compliance with the policies and standards mentioned as part of the Information Security Management System, along with review of vendor exhibits and provide responses to customer assessments.  A wide breadth of security, compliance and audit skills will be required to perform the assigned tasks.    
 
Responsibilities:
  • Compliance Requirements
    • Provide assistance/ownership to 3rd-party certifications, internal audits, and customers assessments for BMC's cloud subscription services
    • Coordinate compliance requirements and validate artifacts for FedRAMP, SOC 2, ISO, and others as needed
    • Provide assistance as applicable in 3rd-party certifications, internal audits, and customer assessments for BMC cloud subscription services
    • Provide assistance to other cyber security teams, as required
    • Maintain upkeep of the risk register and SaaS document libraries
    • Collaborate with project management office for certification milestones and subject matter experts for artifacts
 
  • Contract Reviews
    • Review of vendor exhibits and provide responses to customer assessments
    • Provide guidance to other assurance and governance teams
    • Work closely with IaaS/cloud partners to ensure they meet compliance and regulatory requirements
 
  • Tools and Technologies
    • Understand the purpose of security tools used within BMC, and how they help meet compliance requirements
 
Qualifications:
  • Bachelor's degree in computer science, information technology, systems engineering, or related field.  Security/privacy certifications are a plus
  • Understanding of IT security (and related) compliance frameworks like NIST, ISO, SOC 2, HIPAA
  • Exposure to government compliance requirements, such as FedRAMP and DISA/DoD Impact Level/CMMC, a plus
  • Security and privacy assessment experience in a SaaS organization/product a plus
  • Good oral and written communication skills to collaborate with the team
  • Willing to learn new tools and technologies
  • Broad understanding of security and privacy concepts
  • Business communication and writing skills
  • Technical documentation / report writing skills and experience
  • Understanding and awareness of current developments in the prevailing global Cybersecurity environment
  • Self-starter
  • Person that can take initiative to solve complex problems
  • Ability to work independently
  • Willingness to broaden scope of knowledge and skills in the field of cyber security 

#LI-Remote 

It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, age, national origin, physical or mental disability, history of disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, sexual orientation, veteran status, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors. 

If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.