It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
As a key member of our Information Security department, you will participate in our vulnerability management process by managing customer PEN tests and performing internal infrastructure and application vulnerability scans. In addition, you will help customers realize the value of our integrated risk and compliance management products and services. In partnership with our RFP specialist, sales and legal functions, you will catalog and describe our technical capabilities and the security controls we have in place in order to drive revenue and customer retention.
We Offer You:
An innovative organization that is secure, growing and thriving with a reputation that we are proud to say is absolutely second to none
A workplace experience that is inclusive and based on our determination to retain you each day as well as enables you to learn, grow and develop your career, and people dedicated to your success at every level
Competitive pay with benefits that matter, including the time and flexibility to balance the multiple roles you play in life
What You Will Do:
Complete requests for proposal and technical questionnaires from prospects and customers
Assist in maintaining and refining a master database of technical responses
Help maintain technical policies and procedures used by Hosting, Product Engineering and Internal Infrastructure
Participate in business continuity exercises and the implementation of technical policies and procedures
Assist in customer on-site and remote audits
Coordinate application and infrastructure penetration (PEN) tests.
Participate and/or lead our vulnerability management process
Help prepare for and orchestrate operational and security assessments
What You Will Need:
Bachelor’s degree preferred with an emphasis on information technology or computer science
2+ years experience in networking, systems support, software development or information security
Existing or willingness to obtain security certifications (e.g. Security+, CISSP, CEH, etc.)
Working knowledge of any of the following tools: Rapid7 (InsightIDR, InsightVM, AppSpider Pro), BurpSuite Pro, Nmap
Experience with ISO 2700
Familiarity with creating and implementing technical and information security policies and procedures, and technical writing in a SaaS environment
Strong presentation skills, project planning and scoping experience
Excellent verbal and written communication skills and a commitment to collaborate with people across a variety of levels with different backgrounds
NAVEX Global is an equal opportunity employer, including disability/vets.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!