Security Technical Compliance Analyst (PCI)
The Security Technical Compliance Analyst is responsible for working with internal stakeholders, including Zoom's security team and the cloud operations team, to drive key aspects of technical compliance requirements.
Coordinate with internal stakeholder operations teams to demonstrate the implementation of security compliance controls for technical, management, and operational requirements
Verify vulnerability and compliance scanning configurations within scanning tools remained
Support the development of technical material, operational processes, security policies, and other core documents
Manage compliance metrics within the governance risk and compliance system
Skills and competencies
Two or more years’ experience in:
Experience working in technology compliance
Experience with the production and/or editing of technical drawings using MS Visio or similar design tools.
Experience with technical documentation related to PCI DSS, ISO 27001, NIST CSF, SOC 2 and continuous monitoring
Experience contributing to audit requests and proven ability to gather evidence in support of audits
Experience with and knowledge of:
Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
Experience working with a Governance Risk and Compliance tool (preferably ServiceNow)
General skills include:
Demonstrate strong verbal and written communication skills as well as strong analytical and problem-solving abilities
Excellent English language, grammar, and spelling skills for writing, editing, and proofreading
Ability to work independently or as a member of a team on various tasks.
Skilled at organizing and translating information into clear written documentation; articulating complex concepts and processes in writing
Proven ability to effectively research subject matter
Experience working in a collaborative environment; ability to work well under tight deadlines and effectively interact with a wide range of personnel
Knowledge, experience and subject matter expertise in the following:
PCI DSS, ISO 27001, NIST CSF, SOC 2
Key information security and privacy concepts and program operations
Understanding of business continuity/disaster recovery
Experience with risk management and risk terminology, able to assess third party risk (vendors)
Strong degree of comfort working with technical and business stakeholders/partners, ability to translate information between both
Familiarity with ServiceNow or other GRC tool
Bachelor's degree in a relevant field (e.g., Cybersecurity, Information Security, Information Assurance, etc.)
US Citizenship required
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.