Company name
Pure Storage
Location
Mountain View, CA, United States
Employment Type
Full-Time
Industry
It
Posted on
Jan 19, 2022
Profile
SaaS Security Analyst
at Pure Storage
Mountain View, CA
BE PART OF BUILDING THE FUTURE.
What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse?
The answer is data, -- all fast moving, fast growing industries rely on data for a competitive edge in their industries. And the most advanced companies are realizing the full data advantage by partnering with Pure Storage. Pure’s vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data.
With 9,000 customers including 50% of the Fortune 500, we’ve only scratched the surface of our ambitions
Pure is blazing trails and setting records:
For eight straight years, Gartner has named Pure
a leader in the Magic Quadrant
Our customer-first culture and unwavering commitment to innovation have earned us a certified
Net Promoter Score in the top 1% of B2B companies globally
Industry analysts and press
applaud Pure’s leadership
across these dimensions
And, our 4,000 employees are emboldened to make Pure a faster, stronger, smarter company as we go
If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.
Summary
Working with a variety of tools, processes, and people, the SaaS security analyst ensures integrity & compliance of vendor-operated systems. This includes working with the cloud security architect to create, monitor, and enforce a common set of controls and best practices across critical SaaS applications, informing the SOC for incident detection development, and advising internal application owners as to best operating practices.
The successful candidate has an attention to detail, an ability to empathize with stakeholders to understand their objectives, while overlaying positive security outcomes. Additionally, the security analyst can clearly and concisely collate disparate sources of information and present them to management. Continuity is maintained through creation of documentation regarding requirements, inventory, and interconnectivity among business applications.
About the Role
Collaborate with stakeholders to operate security controls that comprise the SaaS environment
Use technology to automate compliance activities like gathering evidence and verifying controls
Operationalize the health of the program by tracking metrics based on quantitative and qualitative data
Contribute to documentation for security standards, policies, and processes
Support audits and assessments with internal and external stakeholders
Work with product and infrastructure delivery teams on engineering projects related to GRC requirements
Recommending security configuration standards for SaaS applications
Conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in the Cloud environment.
Acts as an Incident Response team member when the incident response team is active. Incident response tasks may be identification, log and event collection and analysis, forensic investigation support, communication support, and evidence handling.
Compliance alerts for system owners
Security alerts for the SOC
Fiscal responsibility tasks…
Work with risk and resiliency teams to determine controls for reducing blast radius
Skills
At least two years of information security experience at an organization with significant compliance requirements
Knowledge of security best practices for modern cloud-based SaaS organizations - we're almost entirely cloud-based
Experience working on security projects involving multiple collaborating stakeholders
Basic knowledge of software development and architecture
Nice to Have:
Deep Cybersecurity experience around SaaS threats and landscape.
Working knowledge of SaaS Applications such as O365, Okta, Google Workspace, Salesforce, Zoom, Box, etc
Experience in incident response, threat triage, log analysis, and data correlation
You may also have:
Familiarity with security standards (SOC 2, ISO 27001, FedRAMP, NIST) as well as privacy laws (CCPA and GDPR)
CCSP, PCI QSA, CISSP, or CISA certifications
#LI-DF1
BE YOU—CORPORATE CLONES NEED NOT APPLY.
Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career. We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.
Through our Pure Equality program, which supports a flourishing field of employee resource groups, we nourish the personal and professional lives of our team members. And our Pure Good Foundation gives back to local and global communities through volunteering and grants.
And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events.
PURE IS COMMITTED TO EQUALITY.
Research shows that in order to apply for a job, women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. Regardless of how you identify, if you believe you can do the job and are a good match, we encourage you to apply.
Pure is proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.
If you need assistance or an accommodation due to a disability, you may contact us at
TA-Ops@purestorage.com
APPLICANT & CANDIDATE PERSONAL INFORMATION PRIVACY NOTICE.
If you're wondering how or why Pure collects or uses information you provide, we invite you to check out our
Applicant & Candidate Personal Information Protection Notice
DEEMED EXPORT LICENSE NOTICE.
Some positions may require a deemed export license for compliance with applicable laws and regulations. Please note: Pure does not currently sponsor deemed export license applications so we are unable to proceed with applicants requiring stated sponsorship.
PURE’S COMPLIANCE WITH THE U.S. GOVERNMENT COVID-19 MANDATE
In accordance with Pure’s policies, current and anticipated federal regulations, and our ongoing commitment to prioritizing the health and well-being of our employees, partners, and customers, and the community at large, where permitted by law, all Pure employees and contractors working in the United States are expected to be fully vaccinated against COVID-19 prior to your start date.
Should you require an exemption for medical or religious reasons, you must initiate Pure’s exemption request process which will determine if an exemption can be granted in accordance with applicable local, state, and/or federal law.
Company info
Pure Storage
Website : http://www.purestorage.com