WHAT WE DO MATTERS

We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.

Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including our first cyber exposure platform for modern assets, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thinkers who are wired for action, focused on delivering results and collaborating to enable decisive actions to protect what matters most. We’re in this together - colleagues, customers and partner communities working as One Tenable.

Can you join Team Tenable? Yes you can - if you’re excited by the thought of working with over 800 colleagues, 23,000 customers and a range of revolutionary products that are shaping cybersecurity in 150 countries. Being valued for who you are as well as what you do, you can embrace the pace (we’re recognized as one of the fastest growing security product companies by SC Magazine, Red Herring, Info Securities, Deloitte and E&Y) as well as enjoy a superb rewards package (we’re seen as a Best Places to Work by Glassdoor, The Washington Post, The Baltimore Sun, The Baltimore Business Journal and Expert Marketplace). The key question is: Is This You?

We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.

Information Security Risk/Compliance Analyst

New York | United States

Your Role:

Tenable seeks to hire a hands-on Mid/Senior Risk and Compliance Analyst to join its InfoSec-Risk and Compliance team. This role will help drive the compliance and assurance efforts for our products and cloud services. Additionally they will assist with responding to external vendor risk assessments, security assessments, and audit requests.

We are searching for a candidate who knows both sides of the audit and assessment process; how to test controls and how to design them. The candidate will review the design of existing controls and offer ideas on improving and consolidating those controls, educating and informing others within the organization, and identifying opportunities for improvements in existing processes. This position will report to the Manager of InfoSec - Risk and Compliance.

Your Opportunity:

  • Assists in the development and execution of the internal compliance program including preparation for audits, certifications, and risk assessments
  • Assists in developing, administering, and ongoing compliance monitoring of internal security controls
  • Serves as a company representative with prospects, customers, and partners by assisting with completing security questionnaires, assessments, and audits
  • Work with Sales, Engineering, Information Security, IT, and Product Development teams to convey compliance obligations and requirements
  • Optimize risk management, control, and compliance activities
  • Educate stakeholders on their responsibilities
  • Acts as a consultant and SME for internal departments
  • Coordinate and participate in internal and external audit walkthroughs
  • Help guide and perform remediation of issues identified during third-party assurance or internal reviews
  • Support special projects as required

What you'll need:

  • Knowledge of governance, risk and compliance frameworks
  • Experience interpreting industry and regulatory requirements and authoring supporting controls
  • Experience performing or undergoing internal and external audits
  • Experience achieving or maintaining FedRAMP and ISO 27001
  • 3+ years of experience performing information security and risk assessments based upon industry accepted standards
  • 4+ years of experience in compliance, information security, assurance, internal controls or risk management
  • 4+ years of experience with implementation, monitoring, and reporting of control processes, documentation, and remediation items
  • Ability to operate independently and understand all the requirements
  • Strong project management skills
  • Ability to work well with others, and communicate effectively with all levels of management
  • Must be analytical and embrace technology
  • Rational, pragmatic, and realistic approach to security, risk and compliance
  • Excellent verbal and written communication skills
  • Advanced user of Excel
  • Be self-directed and motivated
  • Manage conflicting priorities

And Ideally:

  • Relevant security certifications (SSCP, CISSP, CISA, etc)
  • Experience in a Big 4 or similar security consulting or risk assurance role
  • Experience conducting audits for or implementing programs such as ISO 27001
  • Experience with privacy and GAPP
  • Experience with BC & DR Program Management
  • BS, BA in Information Technology, Computer Science, Information Security, or other related
We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.

Apply for this position

Sign in with LinkedIn
Autofill my information with LinkedIn

Not ?

Thank you

People who viewed this page also viewed

 

Information Security Manager

Columbia Maryland United States Columbia, Maryland, United States IT Services IT
Tenable is expanding its internal corporate security team and is looking for an Information Security Manager to join our team. Reporting to the Director of Information security, this individual will be responsible to manage the analysts and day-to...

Technical Support Engineer

Columbia Maryland United States Columbia, Maryland, United States Technical Support Technical Support
Your Role:The Technical Support Engineer provides consistent, world-class security, network, and product support for Tenable products. Our support engineers possess excellent knowledge of security assessment, vulnerability management and complianc...

Network Support Engineer

Columbia Maryland United States Columbia, Maryland, United States IT Services IT
Your Role:The Full Stack Engineer  - Network Focus designs, implements, troubleshoots, analyzes and maintains the IT infrastructure of internal and customer facing environments; including router, switch, and firewall administration, basic server a...

Integration Consultant

New York New York United States New York, United States Professional Services Professional Services
Your Role:Tenable is looking for an Integration Consultant to join our Professional Services team working with our customers to help them push or pull information from Tenable’s products with other 3rd party products within their environment. Exam...

Senior Vulnerability Research Engineer - exploits, 0-day, fuzzing

Remote United States Remote, United States, 97458 Research Research
Your Role:Tenable is looking for a Senior Research Engineer to join our 0-day security research team. This position will involve exploring the attack surface area of various software and systems, looking for new vulnerabilities, developing checks/...

Director of Program Management

New York New York United States New York, United States Research Research
Your Role:We believe that building products should be both easy and fun.  This means the process whereby we create software has to be transparent for everyone and smooth as a silk with lots of handrails to keep us on track even when things get com...

Alert me about jobs like this

Sign in with LinkedIn
Autofill my information with LinkedIn

Not ?

Thank you!

Apply for this position

Sign in with LinkedIn
Autofill my information with LinkedIn

Not ?

Thank you

Text, Label