Sr. Information Security & Compliance Engineer

Information Technology United States

What We Do:

Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing. In real time. And at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence and OT/ICS innovation, all supporting our mission and vision.

Join us as we secure the world with our products. We are looking for resourceful and gritty individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world’s most challenging security problems. Innovation starts here, everyone’s ideas are valued, visionaries welcomed!

U.S. Citizenship required

What You Will Do:

The Information Security Compliance Engineer formulates recommendations and performs audits consistent with directives, policies, standards, and regulations. Work is judged primarily on overall results with great latitude in determining work methods and assignment requirements. Serves as a subject matter expert (SME) on governance and compliance frameworks, and acts as a liaison to the business. May also assist information security with monitoring and incident response when needed.

  • Design and update company compliance policies based on chosen Information Security frameworks
  • Lead and support efforts to audit controls and processes against company compliance policies
  • Act as the Subject Matter Expert on Information Security compliance frameworks/programs such as SOC2, NIST 800-171, NIST 800-53, and FedRAMP
  • Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance
  • Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance
  • Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments
  • Assess any changes or modifications to the environment from a security perspective and make any necessary recommendations
  • Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends
  • Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement
  • Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines, and guidelines with respect to information security and use and operation of information systems
  • Develop, maintain, and/or provide oversight for information security, compliance, and governance awareness and training programs
  • May monitor and/or administrate information security tools and alerting platforms, responding to incidents and/or projects as needed or requested

What You Bring To Forescout:

  • 5+ years of building and administrating security compliance programs
  • Experience with SOC2, ISO 27001/2, PCI DSS, NIST CSF, and 800 series, and similar security standards; FedRAMP exposure is a plus
  • Certifications such as CGEIT, CSSLP, CISSP, and AWS preferred
  • Hands-on experience with Information Security and IT Tools such as NAC, IDS/IPS, Firewalls, SIEM, Endpoint protection, ELK, Vulnerability management, CMS, etc.
  • Demonstrated ability to prioritize, work independently, and manage multiple projects
  • Must have strong analytical skills and be self-motivated, self-directed, well-organized, driven, proactive, and have a positive, can-do attitude
  • Strong verbal and written communication skills
  • Proven ability to work with worldwide teams

What Forescout Offers You:

  • Competitive compensation and benefits – we cover 95% of employee and dependents’ benefits premiums (US only), 401K match, generous PTO policy, and much more
  • Collaborative and innovative environment – make an impact on worldwide security while working on the hottest technology
  • Leadership that supports and encourages professional growth and development
  • Want a glimpse of Life @ Forescout? Check us out on Facebook and Instagram
  • Learn more at:

Where permitted by applicable law, the candidate must have received or be willing to receive the COVID-19 vaccine by the date of hire to be considered for a U.S.-based job (subject to reasonable accommodations based on disability or religion). Forescout Technology, Inc. is an Equal Opportunity Employer.


Forescout is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.