Calix Inc.

Information Security Analyst

US-CA-San Jose | US-CA-Petaluma
Job ID
4247
Category
Information Technology
Position Type
Full Time

Overview

We at Calix wake up every day and think about one thing – the best way to connect the device-enabled subscriber and the cloud-enhanced Internet of Everything. It’s a noble cause, and one that we share with a finite group of communications service providers (CSPs) around the world whose networks and software define the broadband experience of subscribers everywhere. As the leading provider of innovative communications software, systems, and services to these CSPs, our role is to provide the vision, the insights, and the solutions to enable them to be the service provider of choice to their subscribers.

 

This formula has worked. As Calix Software Defined Access and Calix Cloud innovations and value-added services enable our customers to transform their businesses and be the winning CSPs of tomorrow, they reward us with double-digit growth and extraordinary loyalty. It’s a virtuous cycle, and as a half-billion dollar start-up, it’s one that is just getting started.

 

Do you share our passion and want to learn more? 

 

Calix is seeking a strategic thinker, team player, and self-motivated problem solver to join the Information Security team as Information Security Analyst. The Information Security Analyst will work with other areas of the organization to define and implement changes to current security systems, policies and procedures while coordinating compliance audits and reviews with external entities and for third-party service providers.  They will lead and maintain an Incident Response Plan and assist with Security Awareness, Disaster Recovery and other IT governance processes as needed.

Responsibilities

  • Develop, document and establish formal security policies, practices and procedures that are in compliance with applicable laws, regulations and best practices.  Update and maintain all documents on an annual basis.
  • Perform compliance assessments to determine if systems and controls meet regulatory requirements, industry standards, and best practices and conform to information security policy, procedures, and standards
  • Establish standard audit reporting policies, procedures and reports to support required compliance processes.
  • Monitor for new compliance regulations, assess the impact to the organization, and work with the impacted IT and business units to ensure compliance.
  • Be an active member of the Security Awareness Committee to support and contribute to establishing a corporate culture that is committed to information security best practices.
  • Prepare presentations, informational articles, educational and training materials to promote security awareness.
  • Coordinate an annual security assessment by an external security firm including an RFP from vendors, the selection of the vendor, the actual assessment and implementation of changes to address any assessment findings.
  • Facilitate other external compliance audits as needed.
  • Assist with the general evaluation of security programs for third-party service providers to ensure compliance with minimum standards. Oversee a program to regularly review and audit service providers to validate ongoing compliance.
  • Develop and maintain a Data Breach Incident Response plan and participate in regular Incident Response planning discussions and exercises.
  • Gather, prepare and develop security/compliance metrics, KPIs and other reports and present to management, executives and the Board of Directors.

Qualifications

EDUCATION:

Bachelor's Degree in Computer Science, Information Systems or equivalent and continued field specific education.

 

EXPERIENCE:

3-5 years experience in IT audit/compliance or related information security experience. Insurance industry knowledge/experience preferred.

 

PREFERRED QUALIFICATIONS:

 

Security certifications, such as: CISSP, GIAC, Security+, etc.

 

OTHER:

 

 

  • Knowledge and understanding of applicable information security standards and frameworks such as NIST, CSC Top 20, ISO, SOC II, PCI, etc.
  • Knowledge and understanding of relevant federal and state statutes and regulations regarding data privacy, cyber security, and other applicable requirements.
  • Understanding of information security principles, standards and best practices as well as fundamental IT concepts, tools and technologies.
  • Possess strong oral and written communication skills with technical writing experience.
  • Have keen analytical skills with strong problem solving abilities.
  • Ability to work cooperatively with technical and non-technical system users and industry vendors.
  • Good listening skills as well as the ability to competently train others.
  • Working knowledge of networks, TCP/IP, and related services 
  • Hands on experience with Windows and UNIX (Linux, AIX, Solaris, etc) platforms 
  • Basic knowledge of the following concepts and/or tools: 
    • Cryptography 
    • PKI 
    • DR/BC 
    • Network and application security, and related firewalls 
    • LDAP
    • Virus detection and end point security 
    • Identity and access management, single sign-on, and related tools 
    • Vulnerability scanner and penetration testing tools 
    • IDS/IPS and related tools 
    • SIEM and tools 
    • Compiled and interpreted programming languages and scripting 
    • Common web application security vulnerabilities 
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed