$80K — $100K *
As a Sr. Security Analyst in Xactly's Denver office, you will be responsible for working with internal staff and Information Security to establish and enforce information security best practices, protect internal systems, improve processes and information security controls. You will be managing the day-to-day usage, configuration and review of the suite of security tools and services we use to manage our environment, such as Veracode, Rapid7, Cloud Health etc... Assist on customer calls responding to Infosec related questions. We are seeking someone who wants to make a real impact with a rapid growth software company who is excited to tackle new challenges and opportunities while acting as an articulate team player who is passionate about information security and is excited to spread the Xactly love.
Not only do we offer strong growth opportunities for top performers, but we also have a top-notch culture, benefits (check them out below) and more. Our strong C.A.R.E. values - Customer Focus, Accountability, Respect & Excellence - guide our every move, allowing us to be a leader in the incentive compensation & performance management market. We set the example with excellent customer experience and deliver an award-winning SaaS (Software-as-a-Service) product!
Xactly’s Production Operations team is a like-minded group of self-motivated individuals. We function as a tight-knit organization but foster an environment that encourages individual autonomy to get the job done.
THE SKILL SET:
● 3+ years in Information Security and minimum 5 years working in Information Technology
● Experience supporting SOC compliance initiatives is a huge advantage
● Experience with Veracode DAS/SCA, Rapid7 IVM, Cloud Health, OCI, AWS, Azure a plus.
● Experience with operating a SIEM a bonus.
● Experience working in a SaaS company
● Analytical and problem-solving skills, with an ability to assimilate, analyze and correlate large amounts of forensic data from various network, operating system, application, and security devices, logs, and alerts
● Understanding and experience in networking concepts and services such as VPNs, firewalls, 802.1x, etc
● Identify security product/process gaps and implementation of enhancements/resolutions
● Review and/or approve changes to critical business systems and applications in line with customer, regulatory, and industry standards and requirements
● Perform security reviews of vendors to ensure compliance with policies and customer requirements
● Provide evidence for audits (SSAE16, SSAE18, SOC 2 Type 2, ISO 27001)
● GRC (governance, risk, compliance) and various security standards and regulatory frameworks (SOC1 and SOC2, GDPR, Privacy Shield, CSA)
● Experience with incident response, disaster recovery, and business continuity planning
● Experience auditing backend infrastructure including switches, routers, firewalls, proxy servers, and enterprise systems and storage solutions
● Experience with intrusion detection and prevention (network and host-based) tools, security event and information management tools, and network and system forensics tools
● Experience in deployment and management of applied IT security technologies and tools such as two-factor authentication, data loss prevention (DLP) technologies, network access control, centralized endpoint protection, and content filtering
WITHIN ONE MONTH, YOU’LL
● Get your bearings and begin to build a strong foundation, upon which to grow
● Build relationships with internal business partners including Production Operations, Engineering, QE and Product Management teams
● Gain a strong understanding of Sales Performance Management space and the business challenges Xactly solves
Valid through: 7/1/2021