Security Technical Compliance Engineer

Security (SC)

  • Bay Area, California, United States
  • Southern California, California, United States
  • Denver, Colorado, United States
  • Remote, District of Columbia, United States
  • Remote, Georgia, United States
  • Chicago, Illinois, United States
  • Boston, Massachusetts, United States
  • Remote, New Jersey, United States
  • New York City, New York, United States
  • Remote, Texas, United States
  • Full time

Work Styles at Zoom

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom's Workstyles.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinar.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

JOB DESCRIPTION

The Security Technical Compliance Engineer provides assessments, gap analysis, and recommendations around technical security control implementations across multiple software products, supporting infrastructure technologies, and business processes in alignment with Zoom security compliance requirements.

Responsibilities include:
•    Ensure the deep details of technical security align to Zoom's commitment to protect customers, employees, and business operations, and comply with regulatory mandates
•    Work alongside other Security Assurance teams and Detection and Monitoring teams to define and implement compliance monitoring tooling capabilities to support continuous improvement of our security control environment
•    Assist with evaluating and assessing the effectiveness of management, operational, and technical security controls
•    Work with software engineers, DevOps, infrastructure teams, product owners, Legal stakeholders, and across security teams to understand security and compliance requirements
•    Contribute to the development and maturation of our existing security controls program
•    Evaluate, document, and communicate business risk in the context of control designs and gaps
•    Seek out opportunities to improve validation of controls compliance through automation
•    Assist development of requirements and roadmap for implementing compliance monitoring tooling to enable monitoring of security infrastructure, security logs, and tools
•    Maintain and optimize security compliance monitoring and alerting systems; aggregate compliance alerts and advise control owners on system policy violations
•    Metrics and dashboarding

Skills and competencies:
•    Bachelor's degree in a relevant field (e.g. Information Security, Information Technology, Computer Engineering) and 4+ years’ experience in professional roles focusing on cyber security
•    Ability to clearly communicate technical issues to non-technical audiences and others with varying backgrounds internally and/or externally
•    Ability to identify security gaps in the overall system design as well as configuration issues in individual components.
•    Demonstrated experience working across multiple compliance domains concurrently and applying security best practices across complex, fast-growing organizations.
•    Expert knowledge of common security controls frameworks, including NIST 800-53
•    Strong knowledge of technology and security topics including network and application security, vulnerability scanning, access control, configuration hardening, encryption, logging and monitoring, and endpoint protection
•    Experience with security compliance monitoring tools/solutions offered natively in AWS, SIEM tools, vulnerability scanning tools, cloud security configuration tools, endpoint detection & response tools, and other infrastructure security tools 
•    Hands-on experience implementing/assessing security controls in public cloud environments (AWS, OCI, GCP, Azure)
•    Experience developing and conducting audit plans covering cyber security controls for conformance to defined requirements

Nice to Haves:
•    Proven experience using scripting languages such as Python to automate assessment of security controls.
•    Previous experience in an engineering, security, or compliance role supporting a FedRAMP-authorized cloud service or as a FedRAMP 3PAO.
•    Strong knowledge of commercial compliance frameworks including ISO 27001/27002, HITRUST, HIPAA, SOC 2, PCI
•    Relevant professional certifications, such as CISSP, AWS certifications (e.g. AWS Solutions Architect), SANS certifications, CISA, CISM

Additional:
•    This role is open to all US Citizens (to support Zoom for Government-related projects)


Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated.  Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

Zoom online application request:

Thanks for writing and for sharing your resume. Can you please use the link below to complete the Zoom Incident Response Application. Here's the application:

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at careers@zoom.us.

Colorado Salary Range or On Target Earnings:

Minimum: $97,920.00 USD

Maximum: $181,170.00 USD

In addition to the base salary and/or OTE listed, Zoom has a Total Direct Compensation philosophy that takes into consideration base salary, bonus and equity value. Information about Zoom’s benefits is here.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience. We also have a location based compensation structure; there may be a different range for candidates in other locations.

Fraudulent Employment Offers

Zoom is aware of scams that involve fake Zoom job listings posted on third-party sites. Responding applicants are contacted primarily over email, InMail and/or chat applications by people impersonating Zoom employees. Eventually a fake offer letter is sent in exchange for personal identification information as part of a fake new-hire screening process.

Please be advised that these offers, communications and impersonations are illegitimate and fraudulent. All communication with Zoom employees comes from an “@zoom.us” email address. Zoom job applicants complete an interview process including in-person (on Zoom) meetings and phone calls. Our process also requires you to create an account with our applicant tracking system, Workday. If you have already completed an application, you can access it here.

Zoom will never ask for your personally identifying information during the interview process or ask you to pay money or purchase equipment. If you have received a message from Zoom that appears suspicious, please contact careers@zoom.us. 
