Governance, Risk, and Compliance Analyst III

Position Summary

AGovernance Risk and Compliance(GRC)AnalystIIIisa Cybersecurity professionalresponsiblefor the maintenance and support ofCybersecuritysmany programs(including risk management compliance vulnerabilitymanagementand security awareness training)that meets the parameters prescribed by the Office of the CISO for the organization.

Primary Responsibilities

An individual contributorintheCybersecuritydepartment that is chartered withsupporting the companys Cybersecurity program withemphasisoncustomersecurityquestionnairesassessments/audits and securityrisk managementsupport. Responsible forassistingwith managementmonitoringand improving customer security questionnaire program and withcompanys security risks security compliance guidelines and controls and development / dissemination of best-practice standardspoliciesand procedures.The individual will work with various functions throughout the enterprise to evaluate the design and effectiveness of the control environment and maintain the security posture of the program.

• Responsible for upholding F5s Business Code of Ethics and for promptly reporting violations of the Code or other company policies.

• Provide daily support to security-relatedservices including security assessments and the information security management systems program.

• Assistas escalation point for support requests related to Information Security Programs

• Lead and improve support ofcustomersecurityquestionnairesassessmentsor audits

• May work with Legal and/or Privacy department to understand regulatory and contractual information security obligations

• Review security bulletins and related news; staying apprised of current threats and trends

• Assistwithsecurityrisk management

• Supportsecurityrisk managementissuesmanagement andpolicy exceptions

• Monitor internal compliance against information security governance frameworks by conducting routine testing and internal control reviews as well as enterprisesecurityrisk assessments

• Identifyand communicate control gaps evaluate management remediation action plans and provide ongoing monitoring of resolution

• Maintain awareness of external regulations and industry standards for new or modified requirements (FedRAMP GDPR PCI-DSS CCPA NIST800-53 ISO27001 etc.)

• Performs other related duties as assigned.

• The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However the description may not be all-inclusive and responsibilities and requirements are subject to change.

KnowledgeSkillsand Abilities

• Strong familiarity with systems and network infrastructure security technologies including application/OS hardening techniques network protocols network & application firewalls intrusiondetection systems.

• Strong hands-on familiarity with securityrisk-assessmenttools & techniques (vulnerability testing penetration testing social engineeringetc.).

• Sophisticated program/project management abilities.

• Recognizes that policies must be conceived and implemented in the context of a multifaceted customer-oriented for-profit business environment.

• Sophisticated written & verbal communications; outstanding interpersonal planning documentation organization andproblem-solvingskills.

• Extensive ability to act independently; connect with people at all levels in thecompany andtake initiative to engage internal & external personnel/services to ensure effective & reliable systems.

• Foreign language skillsa plus.

• Experienceworking in ateam to achieve positive results.

Qualifications

• BS/BA or equivalent work experience insecurityrelated field

• 6 years ofrelevantwork experience

• 4 years working experience as a security analyst or equivalent

• Industry relevant certifications such as CISSP CRISC CISA CISM CGEIT etc.

• Knowledge with common compliance frameworks like the CIS Critical Controls NIST SP800 ISO27001

Physical Demands and Work Environment:

• Duties are performed in a normal office environment while sitting at a desk or computer tableandhavethe ability to work remotely.

• Duties require the ability toutilizea computer communicate over the telephone and read printed material.

• Duties may require being on call periodically and working outside normal working hours (evenings and weekends).

• Duties may require the ability to travel via automobile or airplaneapproximately 5% of the time spent traveling.

In addition we will need you to meet F5 customer and/or government security screening requirements for this role. The background investigation may review an applicants actions relationships and experiences goingback10 years.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job.However the description may not be all-inclusive and responsibilities and requirements are subject to change.

Our Values

At F5 we live and breathe our core values Excellence Integrity Collaboration Customer Dedication Profitable Growth Innovation Employee Success and Diversity. We help each other achieve our goals value the diversity of ideasdifferent backgroundscan bring emphasize teamwork over rock-stars work hard and most of all have fun.

We offer work/life integration programs like Freedom to Flex dynamic employee inclusion groups paid maternity/paternity leave tuitionassistancefor professional development a comprehensive mentoring program rewards/recognition and so much more. At F5 we truly do help each otherthriveand it shows: F5 has been named one of the Worlds Most Admired Companies by Fortune magazine for the past two years.

And this dedication to living our culturedoesntjust exist within our offices; it extends into our communities through Global Good initiatives such as employee matching volunteer opportunities and the F5 Foundation. Our employees are passionate about making a difference in the world.

This is a once-in-a-lifetime opportunity to become part of a companythatson the forefront of transformation. And because we know that a more diverse F5 is a more powerful F5werelooking for smart passionate determined individuals to join us. If you make thoughtful decisions quickly obsess over your customers needs take ownership of your work (the mistakes as well as the successes) and embrace different perspectives by putting the human first then we want to talk to you.

F5 Inc. is an equal opportunity employer and strongly supports diversity in the workplace.