IT Security Analyst
Who We Are:
Bandwidth (NASDAQ: BAND) is a global communications software company that helps enterprises connect people around the world with cloud-ready voice, messaging and emergency services. Backed by a network reaching 60+ countries covering 90 percent of global GDP, companies like Cisco, Google, Microsoft, RingCentral, Uber and Zoom use Bandwidth’s APIs to easily embed communications into software and applications. Bandwidth has more than 20 years in the technology space and was the first Communications Platform-as-a-Service (CPaaS) provider to offer a robust selection of APIs built around our own global network. Our award-winning support teams help businesses around the world solve complex communications challenges every day.
At Bandwidth, your music matters when you are part of the BAND. We celebrate differences and encourage BANDmates to be their authentic selves. #jointheband
What We Are Looking For:
The Information Security Engineer will provide daily support for the information security systems, tools and services for the local security operations of the business. The Information Security Analyst will be responsible for the establishment, monitoring, reporting, operations and support of global security platforms, services, and processes/workflows to ensure compliance with business and customer requirements. Manage security monitoring and vulnerability management processes of infrastructure, platforms, and cloud environments. Manage internal local incident response, analyzing threats, and making vulnerability assessments. Perform internal technical and audits under the guidance of the Local Information Security Officer and the GRC team.
What You’ll Do:
- Support local Bandwidth’s security tools and optimize productivity via integration and automation.
- Provide daily support for vulnerability management programs.
- Maintain operational documentation, workflows and assist in optimizing the security program by ensuring compliance to global security operations policies, standards, and processes.
- Research and provide guidance on zero-day vulnerabilities and emerging threats.
- Collaborate with local IT and business stakeholders to respond to security incidents and control remediation.
- Perform and oversee global proactive hunting for malicious activity analysis across the technology stack including endpoints, network, applications, and servers including IaaS, SaaS using security and monitoring tools to discover the source and impact of the anomalous security events.
- Manage relationships with external parties that provide operational support for Infosec (SOC, etc.)
- Perform and maintain technical and user audits to ensure compliance to Bandwidth contractual and regulatory obligations.
- Provide risk and updates to the Local Information Security Officer of new threats and compliance findings. Working closely with the Global Information Security team for support and alignment of findings.
Other duties and responsibilities may include:
- Participate in the ISC (Information Security Committee).
- Participate and assist with security and privacy incidents, handling, processing, response, and reporting.
What You Need:
- BS in Information Security, Computer Science, Business, or a related field or other equivalent combination of education and/or experience that is focused on Information Security/Privacy.
- 3+ years leading IT and/or Infosec Operations functions.
- 5+ years managing SecOps tools such as Vulnerability scanners and SIEM.
- 5+ years developing policies, processes, guidelines, workflows, and business processes.
- 2+ years leading technical and analytics teams.
- Strong analytical skills.
- People management, providing direction, guidance, and oversight staff and team members.
- Solid communication skills.
- Highest degrees of integrity and professionalism in frequent situations of confidentiality.
- Strong prioritization and completion skills.
- Cooperative and strong individual contributor.
- Certified Information Systems Security Professional (CISSP) or (CISM) degree.
The Whole Person Promise:
At Bandwidth, we’re pretty proud of our corporate culture, which is rooted in our “Whole Person Promise.” We promise all employees that they can have meaningful work AND a full life, and we provide a work environment geared toward enriching your body, mind, and spirit. How do we do that? Well…
- Work Laptop & Mobile phone with a competitive subscription plan, and an internet allowance to support the costs of the Internet at home
- We contribute 8% of monthly gross salary into your private pension
- Health & Travel insurance, with extensive coverage and a simple claim process
- Extensive employee assistance resources, offering advice, and support on a range of issues including childcare & eldercare research, debt & budgeting, and work-related issues
- Cycle to work scheme and an onsite gym
- 24 days annual leave per year and 1 additional day every 3 years
- Time-Off Embargo. When you take time off (of any kind!) you’re embargoed from working. Bandmates and managers are not allowed to interrupt your time-off – not even with email
- Additional time-off can be earned throughout the year through volunteer hours and Bandwidth challenges
- “Mahalo moments” program grants additional time off for life’s most important moments like graduations, buying a first home, getting married, wedding anniversaries (every five years), and the birth of a grandchild
- 90-Minute Workout Lunches and unlimited virtual meetings with our very own nutritionist
Are you excited about the position and its responsibilities, but not sure if you’re 100% qualified? Do you feel you can work to help us crush the mission? If you answered ‘yes’ to both of these questions, we encourage you to apply! You won’t want to miss the opportunity to be a part of the BAND.