Security and Compliance Analyst

Buildertrend

Build your career at Buildertrend, ranked #1 in Best Places to Work in Omaha 2019, 2020 and 2021!


the job

 

The Security and Compliance Analyst is responsible for executing the strategic vision of the Security and Compliance Program at Buildertrend. This vision is to govern Security, Risk and Compliance activities and initiatives to ensure internal and external regulatory compliance, minimize risk, and protect from undue IT security threats and vulnerabilities. The Security and Compliance Analyst is a skilled IT professional who uses knowledge of the IT environment and a risk-based approach to monitor and enforce organization wide IT standards, policies and procedures. This role has the primary responsibility of running day to day execution of Security and Compliance priority projects and serves as ambassador to both internal and external stakeholders regarding Security and Compliance related efforts.

 

things to look forward to

 

  • Implements Information Security Management Systems (ISMS) standards (e.g. ISO 27001).
  • Prepares the Company-wide Information Technology security plan.
  • Performs annual PCI and HIPAA audits.
  • Enforces security best practices
  • Monitors for Zero Day vulnerabilities and addresses in a timely manner to minimize business impact.
  • Interfaces with existing and prospective customers on security audits and inquiries.
  • Conducts internal and facilitates external audits and pen tests for all compliance requirements.
  • Participates in SSAE 18 interviews with auditors.
  • Monitors and responds to security and compliance related alerts.
  • Monitors and reviews security logs.
  • Performs security reviews for software releases.
  • Participate in the Incident Response Team when an incident is detected as defined by the organizations Incident Response Policy.
  • Cultivates, reviews, and interprets new sources of information on current and emerging laws, rules, regulations, and industry practice relating to Information Technology security and compliance.
  • Develops a cost-effective Information Technology security program for the Company including policies, procedures, guidelines, awareness and training plan, overall security infrastructure, and monitoring.
  • Works as a liaison with state and federal authorities requiring information and reports on security incidents.
  • Develops, implements, and provides training policies, standards, guidelines, and security monitoring processes in relation to general control, security programs, privacy regulations, and development and operation of the Company’s infrastructure.
  • Implementation of required security regulations and to provide ongoing compliance monitoring and education on security.
  • Ensures and monitors vendor and partner compliance.
  • Interact and negotiate with vendors, outsourcers, and contractors to support security and compliance related products and services on behalf of clients


The Systems & Tools:

 

  • Crowdstrike
  • Endpoint Compliance Manager
  • Microsoft 365 Security & Compliance Modules
  • GRC Management Platform
  • JIRA
  • ADO
  • All IT infrastructure tools and systems


the preferred candidates

 

  • Requires 4+ years in Information Technology
  • Requires 1+ years in IT Security, Audit and Compliance in a like-sized corporate systems environment
  • Certified Information Systems Auditor (CISA)
  • Expertise in IT security with verifiable knowledge in the following areas:
    • Payment Security:   PCI-DSS, PA-DSS, P2PE, ECB and other Payment Security Standard and Framework
    • Healthcare Security:   HIPAA, HITRUST and other Healthcare Security Standards and Frameworks
    • Governance, Risk and Compliance Strategy and Program Management
    • Business Security Assessment (ISO 27002, SANS TOP 20 etc.) and Risk Analysis (ISO 27005)
  • Strong skills with developing a security and compliance policy and procedure frameworks
  • Assist in developing technical and security standards and best practices for development teams
  • Hands on experience with multi-layered defense security tooling
  • Proficient with SIEM technologies
  • Proficient with common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), Advanced Threat, etc.
  • Proficient with common and/or advanced attack vectors and threat landscapes such as botnets, watering holes, spear phishing, DDoS, and advanced malware
  • Experience using Open Web Application Security Project compliant commercial and open source tools for performing penetration testing such as Nessus, Qualys & ZAP

 

perks and benefits

 

  • Health
  • Dental
  • Vision
  • 401 (k)
  • Paid Time Off
  • Team Happy Hours
  • Bottomless Soda Pop
  • Relaxed Dress


about us


Buildertrend is cutting-edge, cloud-based project management software. With nearly 1 million users across the globe, we empower the construction industry with a better way to build. Our software helps construction professionals build more projects while reducing delays, eliminating communication errors, and increasing customer satisfaction. From Estimating, Scheduling, and Change Order features to Client Communication and Document Management tools, our feature set is here to streamline every aspect of the construction process. As a partner in our customers’ success, our team provides unmatched support, every step of the way. At Buildertrend, we believe in providing an all-in-one solution to solve real problems, deliver real results, and change the way the world builds.

 

Founded in Omaha in 2006, Buildertrend is quickly becoming the industry standard. Buildertrend is changing the way the world builds. Using technology to bring all parties together, Buildertrend has quickly become the product of the future. The innovative solutions and team atmosphere are what makes Buildertrend one of the hottest employers in Omaha. 

If you want to learn more about us, check out:  http://buildertrend.com/about.aspx

 

Come be a part of the fun and challenging environment at our new headquarters conveniently located off 120th and I-80.

 

equal opportunity employer

 

At Buildertrend, we value diversity and treat all employees and job applicants based on merit, qualifications, competence, and talent. We are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. Buildertrend believes that diversity and inclusion among our team is critical to our success as a company, and seek to recruit and retain the most talented people from a diverse candidate pool.

 

To see the complete list of Essential Job Functions, click here  https://buildertrend.com/essential-job-functions-notice/

Job ID: 7480

Posted 20 days ago

Share This Job