Maven Portfolio Company Careers

Work with Bold Founders with a Vision Worth Fighting For

Senior Security Technical Compliance Analyst



IT, Legal
Remote · United States
Posted on Wednesday, August 16, 2023

We are seeking a Senior Security Technical Compliance Analyst (FEDRAMP) to join the Technical Compliance team for Zoom for Government. This role will be instrumental in leveraging the large data sets that we have to drive higher levels of security posture and configuration consistency for the Zoom infrastructure, and to mature the operational rigor of our processes. The successful candidate will be part of the growing Technical Compliance team for Zoom for Government, and will be working with operations teams across the Zoom global organization, security operations teams to expand our collaboration and enhance the data pipelines for deeper insights to drive remediation plans.

You will:

  • Validate and drive vulnerability remediation of discovered vulnerabilities

  • Build the bridges between security and compliance by working directly with our operations teams, infrastructure teams, security teams, related Zoom teams, and Government authorizing officials

  • Interacting with senior levels of government agencies

  • Develop long-term projects and define processes and methods to ensure execution and productivity across multiple internal and external stakeholders, including customers and regulatory agencies

  • Conduct security assessments, significant change requests, and attestations

  • Work as an internal auditor for the organization’s infrastructure and services

  • Develop technical knowledge of control implementation

  • Improve documentation, track progress, coordinate improvement efforts, and monitor process improvement effectiveness

  • Communicate requirements effectively to internal and external stakeholders

  • Liaison between agencies/auditors and internal team regarding compliance issues and solutions

  • Support Security operations team in resolutions of audit and vulnerability findings

  • Meet regularly with other technical teams to follow up with patching cadence

  • Implement automated monitoring and alerting on continuous compliance tasks

  • Report Continuous monitoring documentation to associated organizations (FedRAMP, StateRAMP, DISA) on a monthly basis

  • Effectively recognize threats by performing relevant research and data analysis

  • Report security incidents

You have:

  • Active US citizenship.

  • B.S or M.S in Computer Science, Cybersecurity or Information Security, or relevant experience.

  • Knowledge or experience in working with and/or managing vulnerability scanners such as, Tenable, Prisma, Burp Suite, etc..

  • Experience working with/in ServiceNow.

  • Experience in security compliance frameworks such as FedRAMP, NIST/DoD RMF, and NIST SP 800-series publications.

  • Experience in working with testing tools such as Nessus, DISA STIGs / STIG Viewer, etc..

  • Knowledge of desktop, server, mobile operating systems and cloud computing providers.

  • Ability to plan, organize, prioritize, work independently and meet deadlines.

Bonus Points:

  • Deep understanding of OWASP Top 10, and specifically A06:2021 Vulnerable and Outdated Components

  • CISSP/CISM/CEH certification

  • Knowledge or experience with container management tools such as Docker, Amazon ECS, Kubernetes or equivalent implementations

  • Knowledge of multiple cloud computing providers such as AWS, OCI, etc.

  • Experience in the public sector space

  • Security Clearance

Salary Range or On Target Earnings:





In addition to the base salary and/or OTE listed Zoom has a Total Direct Compensation philosophy that takes into consideration; base salary, bonus and equity value.

Information about Zoom’s benefits is on our careers page here.

Note: Starting pay will be based on a number of factors and commensurate with qualifications & experience.

We also have a location based compensation structure; there may be a different range for candidates in this and other locations.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinars.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

Explore Zoom:

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.