Staff Controls Assurance Analyst

Vollzeit
vor 7 Monate

Get to know Okta

Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you.

The Security Compliance team’s mission is to strengthen Okta’s position as the leading Identity-as-a-Service solution through a security-first approach to compliance.  We are looking for someone with a strong compliance background and experience in the technical implementation of security controls from SOC2, ISO27001, and other international frameworks.  The right candidate will have participated in a mature ISMS program and will play a key role in providing customers with confidence in Okta’s leadership in the identity space.  As a Staff Controls Assurance Analyst you will perform and facilitate continuous monitoring activities, continuous assurance activities, and risk-based internal compliance assessments.

What you’ll be doing 

The ideal candidate will have hands-on experience with the technical implementation of SOC2 and ISO controls in a cloud-based environment using tools such as AWS, GCP, MongoDB, Splunk, Salesforce, Okta, ServiceNow, JIRA and others. The ideal candidate will also have experience performing continuous monitoring activities, experience performing IT audit assessments, and experience operating in a diverse team with various skill sets. This position requires a unique set of skills including project management, and an eye towards future standards and regulations that will impact our customers.  If you’re a self-starter who wants to make a difference in global cloud security, we want you on board.

  • Operate continuous security monitoring program
  • Perform continuous assurance/controls efficacy validation
  • Perform risk-based internal assessments of security control efficacy
  • Utilize a common control framework to perpetually validate the Okta security control environment
  • Manage issue creation and reporting of deviations based on monitoring and assurance activities
  • Communicate with process and control owners to help them understand the audit results, identify remediation options, and prioritize their closure
  • Maintaining well documented standard operating procedures for continuous assurance activities
  • Identify opportunities for improvement within the Compliance program and build plans to address them. 

What you’ll bring to the role

  • Bachelor’s degree or higher in Computer Science, Management Information Systems or Accounting, or equivalent experience
  • Comprehensive understanding of IT Security practices and the Governance, Risk, and Compliance lifecycle
  • In-depth knowledge in IT security frameworks and best practices, such as NIST-800 publications, FedRAMP, ISO 27001, CCM, and SOC2 Trust Principles and Criteria
  • Understanding of IT methodologies, such as software development lifecycle and operations
  • Experience managing a team of security professionals
  • Strong analytical and problem-solving skills and the ability to “think-out-of-the-box”
  • Strong oral, written and presentation communication skills
  • Able to work independently or with a team

And extra credit if you have experience in any of the following! 

  • Certified Information System Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certificate of Cloud Security Knowledge (CCSK)
  • Familiarity with JIRA and Okta

Technical background:

  • IT Audit
  • continuous security monitoring program
  • continuous assurance/controls efficacy validation
  • compliance evidence automation and evidence repository
  • internal assessments of security control efficacy
  • Utilize a common control framework to perpetually validate the Okta security control environment
  • Manage issue creation and reporting of deviations based on monitoring and assurance activities
  • Communicate with process and control owners to help them understand the audit results, identify remediation options, and prioritize their closure
  • Maintaining well documented standard operating procedures for continuous assurance activities
  • Identify opportunities for improvement within the Compliance program and build plans to address them. 

 

What you can look forward to as an Full-Time Okta employee!

  • Amazing Benefits
  • Making Social Impact
  • Fostering Diversity, Equity, Inclusion and Belonging at Okta 

Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/.