Product Security Analyst III

Job not on LinkedIn

🔥 5 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

ExtraHop

WebsiteLinkedInAll Job Openings

501 - 1000 employees

🔒 Cybersecurity

🔐 Security

🏢 Enterprise

💰 $41M Series C on 2014-05

Cybersecurity • Security • Enterprise

ExtraHop is a company that specializes in providing security and network management solutions, leveraging real-time analytics to help organizations detect and respond to cyber threats. By utilizing machine learning and other advanced technologies, ExtraHop offers deep visibility into IT infrastructure, ensuring optimal performance and robust security. Their platform aids enterprises in monitoring traffic patterns and identifying unusual activities to protect against data breaches and other cyber risks.

📋 Description

• Run FedRAMP Continuous Monitoring (ConMon) processes and ensure successful monthly reviews with ExtraHop and agency stakeholders; manage asset inventory, vulnerability scan findings, and the Plan of Action & Milestones (POA&M) document • Manage vulnerability detection and response pipelines, including tools, reporting and tracking • Lead the vulnerability management lifecycle: triage, reporting, coordination with system owners, and remediation tracking • Develop and provide vulnerability findings and responses for internal and external stakeholders, including customers • Collaborate with the Director of Product Security to handle customer and pre-sales security inquiries • Assist in addressing compliance requirements for various standards, (e.g., CSA STAR, ISO 27001, DoDIN APL, NIAP, FIPS, CMMC, IL4), supporting gap assessments and facilitating audits (including coordinating evidence collection and submission) • Develop a product security compliance roadmap and coordinate key activities across the organization to achieve milestones • Collaborate with Product Security team members to develop and improve standards, policies, procedures, documentation, and training • Work with security information & event management (SIEM) tooling and other systems to perform security investigations • Perform and/or lead security incident response activities • Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections

🎯 Requirements

• 5+ years of experience in cybersecurity, with a focus on compliance frameworks like FedRAMP, SOC 2, or similar • 2+ years of which should be hands-on experience specifically managing compliance programs, security assessments, or cloud security initiatives • Bachelors degree in a related field such as Cybersecurity, Computer Science, Information Systems, Engineering or other technical field • Direct experience with the FedRAMP compliance framework, including security control requirements, documentation and assessment methodologies • Technical knowledge of web application security and cloud security, including best practices and controls for cloud-based environments • Proficient with security tools, including vulnerability scanners, ticketing systems (e.g., Jira), compliance reporting platforms, and SIEM tools • Exceptional analytical skills to effectively manage and resolve security and compliance issues • Proven ability to communicate complex security concepts to technical and non-technical audiences • All R&D Employees will be required to attend 2 mandatory in-person events every year. These events are typically held in our offices in downtown Seattle and run 4-5 days each • Must be a U.S. citizen or national, U.S. permanent resident (current Green Card holder) or lawfully admitted into the U.S. as a refugee or granted asylum.

🏖️ Benefits

• Health, Dental, and Vision Benefits • Flexible PTO, Sick Time Prorated Based on Date of Hire, and All Federal Holidays (US Only) + 3 Days of Paid Volunteer Time • Non-Commissioned Positions may be eligible to participate in the Annual Discretionary Bonus Plan • FSA and Dependent Care Accounts + EAP, where applicable • Educational Reimbursement • 401k with Employer Match or Pension where applicable • Pet Insurance (US Only) • Parental Leave (US Only) • Hybrid and Remote Work Model