Security Documentation & Engagement Specialist at Zoom Video Communications
Zoom is seeking a talented Security Documentation & Engagement Specialist to join our cyber security team. The Security Documentation & Engagement Specialist will be responsible for curating Zoom security policies, procedures, standards, and guidelines in Zoom’s document library. You will engage with subject matter experts across the information technology and cyber security teams to ensure our security documentation is complete and accurate. Responsibilities include creating, updating, and maintaining security policies and procedures, maintaining a document library and knowledge base, writing technical documentation, contributing to communications, and collaborating with security partners. This position reports to the Manager, Security Documentation & Engagement.
The Security Documentation & Engagement Specialist should have a passion for leading focus group engagements, developing content and be able to work in a fast-paced environment, stay focused on producing quality technical documentation and meeting tight deadlines. The candidate will participate in requirements gathering meetings and attend audits to track documentation requests. Also, the candidate must have extensive experience with version control and a systematic approach towards publishing documents. Attention to detail is paramount to the success of this role.
General Functions And Outcomes
Facilitate documentation sessions that capture accurate information for the creation, implementation and maintenance of appropriate policies, and procedures aligned with security standards such as the NIST Cyber Security Framework, ISO 27001, SSAE 18 SOC 2 Type II and HITRUST, and compliant with applicable regulatory requirements such as HIPAA, GDPR and CCPA.
Collaborate with Zoom teams to determine documentation and change impacts, and support these teams to drive adoption.
Partner with Program Managers to integrate documentation and engagement activities into the project schedule and manage and mitigate risks.
Plan engagement activities and employ change management strategies to ensure successful program execution.
Write and/or edit technical documents, including policies, procedures, and standards.
Apply a security change management process and associated tools to create a plan to support
adoption of the changes required by a security project or initiative.
Develop outlines and drafts for review and approval by security leadership and compliance
management ensuring that final deliverables meet applicable technical industry and
Conduct audience analysis to determine learning objectives and methods.
Translate security technical process information into user-friendly content.
Provide expertise in the creation, implementation and maintenance of appropriate policies, and
procedures to be compliant with applicable technology, regulatory and compliance
requirements including ISO 27001, SSAE 18 (SOC 2 Type II), and HIPAA.
Assist in the policy lifecycle by monitoring changes to the standards and regulatory landscape
as it pertains to the organization.
Create a communication plan to bring awareness of scheduled Information Security
Consult relevant regulatory, information sources and resources, and technical documents, to
obtain background information and verify pertinent guidelines and regulations governing
technical documentation deliverables are applied.
Manage the tracking, monitoring and document control of security documents.
Assist in compliance audits working with qualified security assessors, engineers, and
Make recommendations to management at all levels to ensure that appropriate levels of compliance are maintained. Continuously promote security awareness and work with stakeholders on improving security communications.
Passion for self-development, seeking to expand knowledge and perform duties outside of expertise in order to develop and diversify skills.
Collaborate with cross-functional team members to achieve program success.
Certification in Change Management
Project management experience
Experience with PowerPoint or presentation software, graphics, and user design
Experience drawing and designing data flow/architectural diagrams, and gantt charts
Experience working in video communications, technology, or financial services industry.
Security certifications such as SSAP, CSAP, Security+, CISA, CISM, CISSP, GIAC
- Bachelor’s degree in Technical Writing, English, Computer Science or Business Administration or equivalent combination of education and experience
3 or more years of experience in the compliance governance, risk or cyber security field
Knowledge of published security standards (NIST, OWASP, ISO, SOC2)
Experience delivering documentation to both technical and non-technical audiences
Must be able to effectively communicate with varied company stakeholders utilizing
excellent verbal and written communication skills
Ability to establish credibility and working relationships with a wide range of corporate
personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and customers
Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.
We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
Hear from our leadership team
Browse Awards and Employee Reviews on Comparably
Visit our Blog
Zoom with us!
Find us on social at the links below and on Instagram