Information Security Analyst
Everbridge is looking for a highly technical information security risk analyst focused on methodically managing risk within the company. You will be responsible for evaluating and documenting control implementation with regard to FedRAMP and ISO 27001 requirements, assisting with internal security reviews, and working with internal teams to address compliance and audit issues.
Job Duties Include:
- Participate in evaluating Everbridge SaaS-based Platform & Service offerings against FedRAMP Moderate control baseline and provide support for on-going compliance testing and reporting.
- Participate in internal audits of Corporate Systems and Third-Party Vendor Services.
- Routinely analyze and report on the state of key controls reviewed as part of Everbridge’s Continuous Monitoring Plan (ConMon).
- Ensure compliance with risk-based governmental and industry standards and security compliance frameworks such as FISMA, FedRAMP, ISO 27001, BSI C5, and SSAE 16 SOC 2 Type II.
- Assist in tracking Corrective Action Plans (CAPs) and Plans of Action and Milestones (POA&Ms) towards remediation.
- Provide support for corporate information security, compliance & risk management projects and processes.
- Enhance existing processes via process engineering and workflow automation.
- Deep knowledge of NIST SP 800-53 rev 4, Moderate Impact Systems and FedRAMP-Defined Assignment and Selection Parameters and control testing.
- Deep knowledge of ISO-27001 standards and control testing.
- Experience applying general security and risk management concepts to a globally deployed cloud-based SaaS platform.
- Experience with managing and supporting an Enterprise Risk Management Lifecycle, Processes and Procedures.
- Experience with managing risks associated with Third-Party Vendor Cloud Service integrations.
- Experience with participating in Disaster Recovery Planning and Management in an Information Security, Compliance or Risk Management supporting role.
- Experience in preparing and managing compliance auditing workpapers such as document request lists, standard test cases and audit test plans.
- Ability to articulate compliance standards and specifications to technical and non-technical audiences to assist in the design of technical controls to meet regulatory requirements.
- U.S. Citizenship is required.
- Ability to work and effectively prioritize in a highly dynamic work environment.
- Experience using Atlassian Jira for team workload assignment and prioritization.
- Experience balancing multiple Key Priority Initiatives (KPIs) and workload assignments through Scrum or Kanban project management.
- Experience using SumoLogic or similar solutions for Security Audit and Compliance Analysis and management reporting.
- Experience configuring, managing and providing support for GRC or IRM tools such as Archer, ZenGRC or RSAM.
- CISSP, CISM, CRISC, CISA or ISO Lead Implementer Certification.
Our team makes a difference during the most difficult times and challenging situations. Our people are dedicated to solving problems. Our software was built to save lives. Our unifying mission is to keep people safe and businesses running.
Headquartered in the great cities of Boston and Los Angeles, with operations across the world, our team of 750+ dedicated employees supports more than 4,200 global customers every day in their most crucial moments. During public safety threats such as active shooter situations, terrorist attacks, or severe weather conditions, as well as during critical business events like IT outages or cyber-attacks, customers rely on our SaaS-based platform to quickly and reliably aggregate and assess threat data, locate employees and first responders, automate pre-defined communications processes, and track progress on those response plans.
Our culture is all about “Making a Difference,” and we are proud to serve:
- 9 of the 10 largest U.S. cities
- 8 of the 10 largest U.S.-based investment banks
- 7 of the top 10 U.S. technology and telecom companies
- 25 of the 25 busiest North American airports
- 7 of the 10 largest U.S. healthcare systems
- 6 of the 10 largest U.S. retailers
As we continue to grow and transform the field of critical event management, we need passionate, committed individuals to help us carry out our mission. If you think you have what it takes to make a difference, apply to be a part of our award-winning team.
Everbridge is an Equal Opportunity/Affirmative Action Employer. All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.