Druva is a leading provider of continuous data protection and disaster recovery solutions.
Druva delivers data protection and management for the cloud era. Druva Cloud Platform is built on AWS and offered as-a-Service; delivering globally accessible, infinitely scalable and completely autonomous enterprise data resiliency. Customers drive down costs by up to 50 percent by freeing themselves from the burden of unnecessary hardware, capacity planning, and software management. Druva’s patented cloud architecture transforms backup data into an asset, making it more open and accessible so customers can streamline governance, improve cyber resiliency, and gain critical insights to uncover opportunities and expedite decision making.
Druva has raised over $350m in venture capital, is trusted by over 4,000 global organizations and protects over 200 PB of data.
As the Security Analyst at Druva, you will be working in the team to provide a number of key requirements including customer and sales security needs, awareness, reporting, metrics and security research. You will understand how we explain and maintain security in all Druva current and future products, solutions and services.
You will provide security guidance and support on the existing and future Druva portfolio, solutions (e.g., managed services, cloud computing, etc.), and emerging technology. In addition, you will work with key customers and stakeholders to understand their compliance and data security motions to better describe, communicate and advocate for best of breed security.
This position requires a close working relationship with Druva security/privacy strategy and planning personnel (e.g., CISO, Sr. Director of Security Compliance, Privacy, Legal, Sales).
You will serve as a security expert for sales teams, other internal groups, customers and professional organizations in various technologies and platforms that affect infrastructure (such as applications, systems, virtualization, cloud, storage, networks, data centers, computing devices, messaging, monitoring systems, etc.) as well as specific areas (cyber security and information assurance; data privacy, and compliance; protection of information assets and systems from current and emerging threats).
- Work with other teams to assist with IS related questionnaires, surveys and inquiries
- Acts as a technical consultant on information security for solution development, service delivery and information exchange.
- Communicate and explain technical information security processes, procedures, policies and controls to laypersons and non-technical business personnel
- Create, update, and maintain security program documentation
- Work with Compliance team to ensure that the development of technical policies and procedures captures committed requirements from customers
- Assist in defining and executing security projects
- Research and report on latest information technology security trends
- Identify and assist in the resolution of hardware and software related security vulnerabilities
- Define user needs and recommend alternatives
- Other duties as assigned
- A minimum of 3 years of experience in the field of Information Security, IT Audit or related disciplines.
- Excellent time management and prioritization skills including the ability to meet deadlines, work under pressure, manage multiple simultaneous workstreams and resolve specific problems within stated deadlines.
- Prior experience Performing risk assessments, security engineering, incident, vulnerability, or other security functions.
- Ability to influence, obtain answers, be creative with a professional and positive attitude
- Have creative problem-solving skills and be attentive to detail and organized
- Ability to interpret and translate business requirements into technical security requirements that meet enterprise security standards and policies.
- Solid understanding of the commonly-used concepts, practices, and procedures within the Information Security field including, but not limited to cloud computing, system, network and application security, authN/authZ, encryption and similar concepts
- Knowledge of best practice security frameworks, commonly used risk assessment methodologies, industry recognized IT audit and controls standards and other industry resources.
- University degree or diploma in Computer Systems, Business or related discipline or equivalent experience.
- Strong communication skills including both technical and business writing, documentation and presentation skills.
- Demonstrable skills in project management.
- Possession or working toward achieving the following professional qualifications: CCSP, CISSP, CISA, CISM.