Information Security Analyst

Other Remote, United States Chicago, Illinois Diamond Bar, California

About Liferay 

Liferay, Inc. is a uniquely profitable B2B enterprise software company with 1,000  fiery-eyed employees all across Europe, the Americas, Middle East, and Asia. As the leading provider of enterprise open source technologies, we have been recognized by Gartner for empowering businesses around the world to solve complex digital challenges.  Our flagship product is the Liferay Digital Experience Platform, which companies like HP, Domino’s, and Airbus use to build customized experiences for their customers and employees.  But we don’t just make awesome software, we are also fueled by a greater-than-profit vision. By building a vibrant business, making technology useful, and investing in communities, we make it possible for people to reach their full potential to serve others. We give our employees five days paid off to volunteer at charities they’re excited about, and Liferay donates 10% of our profits to charities around the world. Oh, we’re also self-funded which gives us the freedom to work on whatever we think brings the most value to customers and communities in the long run!

About You and this Role

You’re excited about the chance to help build out the Information Security team. You thrive on connecting creative ideas with people who can bring those ideas to life. The fact that Liferay is bursting at the seams with growth doesn’t intimidate you, but thrills you. You love to use data to drive decisions and enjoy seeing people grow alongside you. You love information security and seek to protect others. Do you want to be the Jack Ryan of Liferay’s Information security realm?

Key Objectives

  • Within 60 days, assisting the Information Security team members, you will analyze Liferay's processes with regards to information security and present your findings with solutions
  • Assist in the certification processes of Liferay products within 90 days
  • Prepare and run accurate reports from operational data
  • Assist in the coordination, documentation, and management of information security activities
  • Assist with information security certification activities
  • Assist with the preparation of providing services to the sales process
  • Develop information security procedures and guidelines
  • Establish and enforce organizational security standards
  • Evaluate new security technology and trends, and then makes recommendations to strengthen our information security environment
  • Research current industry practices and standards to improve information security
  • Support the resolution of information security issues
  • Familiar with the Incident Response procedures and implementations
  • Mentor and encourage the growth of other team members

Required Qualifications:

  • Bachelor’s Degree or equivalent from four year college or university in a STEM focused area
  • Ability to comprehend, analyze and interpret complex documents
  • Possesses strong communication and problem solving skills
  • Beginning knowledge of software development and information technology operations (DevOps)
  • Familiar with the Information Security and Cyber Security topics
  • Exceptional attention to detail and organization
  • Proficient in Microsoft Office or equivalent
  • Able to work independently and effectively as part of a team, while handling multiple tasks and responsibilities

Optional BUT highly desired Certifications and field knowledge:

  • Relevant experience with information security, control standards, and frameworks such as PCI DSS, ISO27001, SOC 1/2, and/or NIST 800-53.
  • Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC)
  • Other certifications such as Certified Information Systems Security Professional (CISSP) 
  • Knowledge of industry regulations, risk management methodologies, operations or auditing
  • Experience with using GRC type software  to perform risk assessments

A preliminary background check must be completed before a new employee can begin work.  Information Security positions are subject to testing for illegal drug use and are subject to satisfactory security and suitability determinations.

What We Offer

  • Salary package w/ competitive benefits according to qualifications and experience
  • Opportunities to take responsibility and grow professionally
  • A positive and collaborative work culture
  • Working at a leading open source company

Equal Opportunities Employer - Statement

Liferay is committed to the equal treatment of all candidates, customers and employees and to fostering a culture of dignity at work. Our operating procedure provides for equal opportunities in recruitment and employment with the aim to eliminate discrimination against any job applicant or employee on the basis of race, age, sexual orientation, gender or gender reassignment, religion or beliefs, marital or civil partnerships status, family or dependency status, disability, pregnancy and maternity or membership of a traveling community.