Zoom is seeking a talented Security Documentation & Engagement Specialist to join our cyber security team. The Security Documentation & Engagement Specialist will be responsible for curating Zoom security policies, procedures, standards, and guidelines in Zoom’s document library. You will engage with subject matter experts across the information technology and cyber security teams to ensure our security documentation is complete and accurate. Responsibilities include creating, updating, and maintaining security policies and procedures, maintaining a document library and knowledge base, writing technical documentation, contributing to communications, and collaborating with security partners. This position reports to the Manager, Security Documentation & Engagement.

The Security Documentation & Engagement Specialist should have a passion for leading focus group engagements, developing content and be able to work in a fast-paced environment, stay focused on producing quality technical documentation and meeting tight deadlines. The candidate will participate in requirements gathering meetings and attend audits to track documentation requests. Also, the candidate must have extensive experience with version control and a systematic approach towards publishing documents. Attention to detail is paramount to the success of this role.

General Functions And Outcomes

• Facilitate documentation sessions that capture accurate information for the creation, implementation and maintenance of appropriate policies, and procedures aligned with security standards such as the NIST Cyber Security Framework, ISO 27001, SSAE 18 SOC 2 Type II and HITRUST, and compliant with applicable regulatory requirements such as HIPAA, GDPR and CCPA.

• Collaborate with Zoom teams to determine documentation and change impacts, and support these teams to drive adoption.

• Partner with Program Managers to integrate documentation and engagement activities into the project schedule and manage and mitigate risks.

• Plan engagement activities and employ change management strategies to ensure successful program execution.

• Write and/or edit technical documents, including policies, procedures, and standards.

• Apply a security change management process and associated tools to create a plan to support

  adoption of the changes required by a security project or initiative.

• Develop outlines and drafts for review and approval by security leadership and compliance

  management ensuring that final deliverables meet applicable technical industry and

  compliance standards.

• Conduct audience analysis to determine learning objectives and methods.

• Translate security technical process information into user-friendly content.

• Provide expertise in the creation, implementation and maintenance of appropriate policies, and

  procedures to be compliant with applicable technology, regulatory and compliance

  requirements including ISO 27001, SSAE 18 (SOC 2 Type II), and HIPAA.

• Assist in the policy lifecycle by monitoring changes to the standards and regulatory landscape

  as it pertains to the organization.

• Create a communication plan to bring awareness of scheduled Information Security

  documentation initiatives.

• Consult relevant regulatory, information sources and resources, and technical documents, to

  obtain background information and verify pertinent guidelines and regulations governing

  technical documentation deliverables are applied.

• Manage the tracking, monitoring and document control of security documents.

• Assist in compliance audits working with qualified security assessors, engineers, and

  compliance teams.

• Make recommendations to management at all levels to ensure that appropriate levels of compliance are maintained. Continuously promote security awareness and work with stakeholders on improving security communications.

• Passion for self-development, seeking to expand knowledge and perform duties outside of expertise in order to develop and diversify skills.

• Collaborate with cross-functional team members to achieve program success.

​Minimum Qualifications

• Certification in Change Management

• Project management experience

• Experience with PowerPoint or presentation software, graphics, and user design

• Experience drawing and designing data flow/architectural diagrams, and gantt charts

• Experience working in video communications, technology, or financial services industry.

• Security certifications such as SSAP, CSAP, Security+, CISA, CISM, CISSP, GIAC

• Bachelor’s degree in Technical Writing, English, Computer Science or Business Administration or equivalent combination of education and experience

• 3 or more years of experience in the compliance governance, risk or cyber security field

• Knowledge of published security standards (NIST, OWASP, ISO, SOC2)

• Experience delivering documentation to both technical and non-technical audiences

• Must be able to effectively communicate with varied company stakeholders utilizing

  excellent verbal and written communication skills

• Ability to establish credibility and working relationships with a wide range of corporate

  personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and customers

  Preferred Qualifications