Senior Analyst
Cybersecurity Risk and Compliance
Confirmed live in the last 24 hours
American Fork, UT, USA
Experience Level
Desired Skills
Google Cloud Platform
Microsoft Azure
  • Bachelor's degree in Computer Science, Information Technology or related field or equivalent job experience
  • Minimum of 5 years' experience in security risk management, compliance, audit, and information security
  • CISSP, CISM, CISA, CCSA or equivalent certification preferred
  • Familiarity with enterprise-level compliance tools such as ServiceNow, Archer, IBM GRC or other industry equivalent software
  • Knowledge and experience in FedRAMP, NIST SP 800-53 Rev 4, NIST SP 800-37, FISMA, NIST RMF, NIST FIPS 199, ISO 27001, ISO 27018, SSAE 18, HIPAA and HITRUST
  • Experience in cloud-based environments for production applications, including Amazon Web Services, Microsoft Azure, GCP or other large-scale cloud deployments
  • Understanding of risks and controls as they pertain to firewalls, IDS/IPS systems, malware controls, URL filtering tools, anti-spam systems, BYOD controls, DLP, VPN, web application firewalls, endpoint security controls, OS hardening, multi-factor authentication, encryption key management, mobile device management, wireless security, full disk encryption, database security controls, containers, and network segmentation
  • Good advisory skills; able to get acknowledgement and commitment on assessment results and proposed mitigations across stakeholders with different interests
  • Strong analytical skills
  • Relationship builder; able to create and maintain a trusted network on all levels
  • Good communication, influencing and negotiating skills
  • Lead the risk-based approach to help develop security strategy and lead and execute various risk-driven tasks based on those strategies
  • Perform and/or facilitate information security risk assessments, report on findings and recommend mitigations
  • Lead the program to effectively and efficiently analyze security risks using real-world security data and systems automation
  • Lead and analyze the security of new or existing applications, product features, software, or specialized utility programs and provide risk recommendations
  • Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks and negotiate dates for remediation to be complete
  • Manage the tracking of progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents
  • Support our Sec Ops, Sec Engineering, and Compliance teams to develop risk/vulnerability assessment programs to aid in the identification and mitigation of security risks and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders
  • Gather relevant information from internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communicate recommendations to management
  • Develop, build and maintain the controls matrix, in alignment with multiple compliance frameworks, including SOC 1 & SOC 2, ISO 27001, ISO 27018, FedRAMP, HITRUST, and HIPAA
  • Lead the establishment of rules for risk analyses and security assessments, which includes addressing controls defined by FIPS 199, NIST SP800-37, NIST SP800-53, NIST SP800-171 for both business operations and technical implementations throughout the company

501-1,000 employees

Modern BI platform
Company Overview
Domo is the fully mobile, cloud-based operating system that unifies every component of your business and delivers it all, right on your phone. The mission of Domo for Good is to connect organizations who want to change the world with Domo customers and tools that can help.
  • 20 days paid time off (increasing 1 day per year to a maximum of 25)
  • 13 paid holidays
  • 10 weeks paid maternity leave
  • 2 weeks paid paternity leave
  • Life insurance
  • Short-term disability insurance
  • Long-term disability insurance
  • Employee gym membership and wellness program
  • Rich traditional PPO medical plan
  • High-deductible health plan with high employer HSA contribution
  • High employer premium cost sharing
  • Adult and child orthodontic benefit
  • Tech benefit – $500 reimbursement for tablet PCs (We told you we love technology!)
  • Rich employer 401K match
  • Free catered lunch and dinner daily
  • Fully stocked break room
  • Professional development benefit
  • Maternity wardrobe benefit
  • New baby benefit
  • Adoption benefit
  • Fertility benefit
Company Values
  • Work hard, play harder