What You’ll Do   

• Learn ZS technical implementation and map the security controls with MLPS requirements. 

• Perform audits in accordance with the plan based on various control frameworks and standards. 

• Establish, monitor, document, and update compliance controls and findings. 

• Create remediation plans based on findings and initiate projects, as necessary, in order to meet commitments made within remediation plans. 

• Participate in client directed audit, compliance initiatives and MLPS assessment as required.  

• Develop and update IT Policies, process maps, templates and supporting change management tools, as often as needed. 

• Assist in the development of training material in support of IT Policy adoption; participate in compliance training workshops, as needed. 

• Monitor compliance with existing IT Policies and supporting tools. 

• Liaison with ZS Client Teams and the ZS SaaS Hosting Team Manager to ensure that all mutually agreed upon business operations SLAs are met. 

• Assist with vendor review and selection in support of on-going internal and client directed compliance initiatives. 

• Assist the Legal team with the review of client contracts as it relates to technology specific compliance requirements. 

• Assist the Legal team with the interpretation of various China laws and technical compliance directives and determine potential impact to the organization. 

• Assist with the completion of client RFPs and RFIs as it relates to compliance. 

• Work with IT, consulting, SD Group and legal teams on compliance standards. 

• Represent ZS Information Technology Team in front of external auditor, help them understand our implementation as required by audit standards. 

• Proactively research and introduce industry best practices and techniques. 

• Establish policies, standards, practices and security measures to ensure compliance with accepted industry practices. 

• Coordinate and communicate with other functional groups throughout ZS and externally to ensure timely communication and incident resolution. 

What You’ll Bring   

• Bachelor's Degree in CS, IT or EE with record of high academic achievement. 

• 3.5+ years of experience of Cloud and on-premise infrastructure security audits. 

• Experience in participating audits, facing auditors – any experience on MLPS assessment is a plus. 

• In-depth understanding of IT security, controls, practices, and procedures 

• Functional knowledge of infrastructure technologies, cloud native services and security services. 

• Functional knowledge of SIEM tools like Splunk, CloudWatch etc. 

• Possess strong verbal, written and team presentation communication skills. 

• Ability to work within a global (US and India) team environment and contribute to the overall timely delivery of multiple projects. 

• Configuring security systems, analyzing security requirements, and recommending improvements. 

• Consulting with staff, managers, and executives about the best security practices and providing technical advice. 

• Experience of working in ITIL based environment. 

• Strong knowledge of Windows and Linux operating system administration. 

• Strong knowledge of load balancers like F5, AWS ELB and CDN technologies/services like Akamai and AWS CloudFront. 

• Strong command of networking and network security concepts. 

• Familiarity with AWS technologies and services. 

• Passionate about infrastructure and application security. 

• Automation mindset and basic knowledge DevOps methodology. 

• Experience of working in ITIL based environment.