Dell Advisor, Product Manager-Security in Arizona
Why Work at Dell?
Endless challenges and rewards. Opportunities on six continents. A team of colleagues fueled by collaboration. All this, and a company deeply committed to integrity and responsibility.
Virtustream, a Dell Technologies business, is the enterprise-class cloud company that is trusted by organizations worldwide to migrate and run their mission-critical applications in the cloud. For enterprises, service providers and government agencies, Virtustream’s xStream® Management Platform and Infrastructure-as-a-Service (IaaS) meets the security, compliance, performance, efficiency and consumption-based billing requirements of complex production applications in the cloud – whether private, public or hybrid.
In this role, the employee will be responsible for supporting the goals, strategy and methodologies related to internal corporate and client-based Security, Compliance and Regulatory activities for Portfolio Strategy and Management. This person will also be responsible for assisting in the establishment of corporate standards for internal and external Products used by Virtustream and their clients within the internal cloud environment.
Roles and Responsibilities:
Report and assist the Director of Security and Compliance\Federal Compliance Manager.
Assist with documenting and regularly reviewing security policies, processes and procedures
Assist in the creation, generating, and updating of Plans of Action and Milestones (POA&M).
Assist with performing SSAE, SOC2, PCI/DSS, ISO, NIST and other framework gap analysis and remediation efforts.
Assist with FedRAMP continuous monitoring and compliance activities.
Act as IT security liaison between external clients and internal teams to assess risk, identify, develop, and enforce policies, procedures and internal controls.
Help identify, implement, and maintain appropriate security and compliance measures.
Leverage dashboards or platform specific consoles and repositories including third party security services associated with security processes and tools to represent threats and vulnerabilities in the product environments.
Contribute to security awareness and training activities.
Assist in ensuring departmental goals are achieved, timelines are met, and service excellence is provided in all aspects of security work.
Perform other security related tasks such as responding to incidents and emergency situations, as needed.
Required Experience :
The successful candidate will have experience in many or all of the following:
Minimum of five (5) years of general and broad-based experience in the Information Technology (IT) field to include the information system authorization to operate (ATO) process used in the Federal environment.
Experience with the following security frameworks: ISO, CSA CCM, PCI, FISMA, HIPAA, NIST, SSAE, SOC2, and FedRAMP.
CISA or CISM
Working knowledge of NIST SP800-37 rev.1, and NIST SP800-53 rev. 4.
Firm understanding of cloud-based information systems and network architecture
Hands on experience with security tools including centralized logging, vulnerability scanning, firewalls, intrusion detection and SEIM tools
Experience developing or enhancing security policies and procedures
Sound knowledge of Federal IT Compliance Standards
Working knowledge of virtualization technologies
Excellent MS office, Vision, Project skills
The successful candidate will:
Be able to work effectively in the High Tech, high pressure business culture.
Be dynamic and creative – with a desire to work in a rapidly evolving organization.
Be able to work within a team as well as alone.
Have the ability to prioritize and meet deadlines.
Have flexibility and desire to travel, as client assignments require.
Have good communication skills
Possess enthusiasm and drive
Align with corporate cultural
Preferred Education and Experience:
CISA CISM Certification highly preferable
At least 5 years experience in a fast paced, cloud based Security and Regulatory Information Technology and/or IT Security environment
This position is performed in an office setting. There are times when the position will require work in a data center. Occasional travel, including operating a motor vehicle, may be necessary.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell