Information Security Analyst

Denver, CO, United States

ForgeRock Solve any identity use case without breaking legacy systems. Get the ForgeRock identity Platform as-a-Service or push-button deployment to any cloud. View company page

At Ping Identity, we believe in making digital experiences both secure and seamless for all users, without compromise. We call this digital freedom. And it's not just something we provide our customers. It's something that inspires our company. People don't come here to join a culture that's built on digital freedom. They come to cultivate it.

Our intelligent, cloud identity platform lets people shop, work, bank, and interact wherever and however they want. Without friction. Without fear.

While protecting digital identities is at the core of our technology, protecting individual identities is at the core of our culture.We champion every identity. One of our core values, Respect Diversity, reminds us to celebrate differences so you are empowered to bring your authentic self to work.

We're headquartered in Denver, Colorado and we have offices and employees around the globe. We serve the largest, most demanding enterprises worldwide, including more than half of the Fortune 100. At Ping Identity, we're changing the way people and businesses think about cybersecurity, digital experiences, and identity and access management.

As an Information Security Analyst, you will develop an overall understanding and solid foundation in Information Security, Governance, Risk and Compliance. You will work with cross-functional teams, performing and improving the current control environment, promoting security awareness, and measuring control effectiveness. You will resolve security and process control problems. You will also support answering control environment or regulatory questions for Ping. You will help maintain standards and documentation. You will report to the Director of Compliance and Information Security.

You will:

Evaluate compliance with regulatory and compliance requirements.

Manage audits of services and solutions and maintain adherence to compliance and regulatory frameworks, such as ISO 27001, ISO 27017, ISO 27018, HIPAA, SOC 2, GDPR and CCPA.

Perform vendor security reviews for new and existing vendors.

Provide subject matter technical expertise on areas of security, privacy and regulatory compliance to support Ping Identity's interactions with customers while promoting assurance of Ping Identity's security and privacy program.

Perform recurring information security and compliance activities, including internal controls reviews. Review and update policies, procedures, and other security documents.

Develop audit runbooks to ease cross-training and audit preparation. Collaborate with control owners to assess audit evidence efficiency and control effectiveness.

You have:

3+ years of experience working with risk assessments, security controls, and compliance audits.

Understanding of effective security controls at the systems, network, and application level and how to apply with cloud-based services.

Knowledge of industry standard control frameworks and guidelines.

Experience applying risk management principles to security organizations.

Experience with vendor security reviews and security terms in vendor contracts.

You have an advantage if you have:

Experience reviewing and redlining security terms in contracts

Experience managing audits

Education Requirements:

Bachelor's Degree in business or computer related field or equivalent experience

Applicable certifications: SEC+, CISM, CISA

Life at Ping:

We believe in and facilitate a flexible, collaborative work environment. We’re growing quickly, but remain true to the innovative, can-do startup values that got us here. Most importantly, we keep hiring talented, smart, fun, and genuinely nice people because that’s who we want to succeed with every day.

Here are just a few of the things that make Ping special:

A company culture that empowers you to do your best work.

Employee Resource Groups that create a sense of belonging for everyone.

Regular company and team bonding events.

Competitive benefits and perks.

Global volunteering and community initiatives

Generous PTO & Holiday Schedule

Progressive Healthcare Options

Retirement Programs

Opportunity for Education Reimbursement

Commuter Offset (Specific locations)

Ping is the collective sum of all our individual experiences, backgrounds and influences and we pride ourselves in growing and learning together. We are committed to building an inclusive and diverse environment where everyone’s individuality is respected and everyone has an Identity. In recruiting for new colleagues, we welcome the unique contributions you can bring and encourage you to be your best self.

We are an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr