Are you data-driven? We at NetApp believe in the transformative power of data to expand customer touchpoints, to foster greater innovation, and to optimize operations.
We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice. We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.
We’ve built a Data Fabric for a data-driven world to simplify and integrate data management across the resources that are best for the business.
With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.
By harnessing the power of hybrid cloud data services, customers gain the freedom of choice to securely manage and move data anywhere, on any cloud.
Only NetApp can help organizations deliver data-rich customer experiences when they rapidly test and deploy new applications that easily use data and services regardless of where they reside or in what form.
Job Summary : The Governance, Risk, and Compliance Analyst is responsible for the assessing and documenting of the NetApp Cloud Data Service’s compliance and risk posture as they relate to the its information assets.
The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program.
Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis;
intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.
Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.
Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
Operate with a high degree of independence with regard to project management activities, including development of project plans and budget / resource estimates.
Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems.
Lead the system-wide information security compliance program, ensuring our Cloud software services activities, processes, and procedures meet defined requirements, policies and regulations.
Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal / external auditors, ISO27001, ISO27017, ISO 27018, SOC, PCI DSS, ITAR, HIPAA, NIST 800-
171, FedRAMP and FISMA and other relevant regulations that the business requires to meet.
5 years of advanced IT skills with high level of information security experience and expertise
Knowledge of information security risk management frameworks and compliance practices.
Knowledge of securing network technologies, client, and server operating systems.
Ability to develop security standards and guidelines based on best practices and industry standards
Experience responding to, analyzing, and communicating information security incidents
3 years of planning and managing security projects
Excellent interpersonal, communication, and presentation skills, including formal report writing experience
Understanding of common security standards and regulations relating to a higher education environment (e.g., PCI DSS, FERPA, ISO2700x, etc.)
Must be well versed with laws affecting the higher education environment in the following areas : GDPR Health Care Finance Research Compliance State Regulations
Bachelor’s degree in information technology or other related field
Information security experience in higher education or state / local government
Skills in documenting risk and compliance activities
Information security related training or certifications such as ISO 27001 Lead implementer or Lead Auditor, CISSP or CRISC, CISA would be preferred.
Experience performing information security audits or risk assessments
Familiarity with security auditing processes
So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!
If you ask a NetApp employee why they work here, the answer is inevitably the same : the people. At NetApp, our culture is at the heart of what we do.
We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference.
Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world.
We take care of each other, our customers, our partners, and our communities simply because it’s the right thing to do.
Join us and see what empowerment can do.