Senior Compliance Analyst *** FedRAMP, DoD, StateRAMP *** at Zscaler

| South Bay +1 more | Remote
Sorry, this job was removed at 5:41 p.m. (CST) on Thursday, February 3, 2022

Company Description
*** US Citizenship Required *** Due to nature of projects assigned.
Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company's cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances.
Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler's purpose-built security platform puts a company's defenses and controls where the connections occur (the internet) so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside.
Job Description
Performs FedRAMP, DoD, and StateRAMP continuous monitoring activities in support of Zscaler Federal and Commercial systems in accordance with the FedRAMP Continuous Monitoring Strategy Guide, FedRAMP Continuous Monitoring Performance Management Guide and any other applicable guidance or requirements:


  • Ensures that Zscaler Federal systems are within FedRAMP Risk Management Deficiency triggers, including:
    • Operational Visibility: Unique vulnerability count increase, Compliance with scanning requirements, Remediation of High impact and Moderate impact vulnerabilities, Quality of deliverables
    • Change Control: Keeping abreast of all changes performed on Federal systems, including performing security impact analysis, writing Significant Change Requests (SCRs), and providing notice of changes to FedRAMP and customers
    • Incident Response: Assists the Zscaler security team by coordinating and performing incident notification in accordance with the FedRAMP Incident Communications Procedure and United States Computer Emergency Readiness Team (US-CERT) Federal Incident Notification Guidelines.
  • Analyzes vulnerability and operating system scans in accordance with FedRAMP Vulnerability Scanning Requirements Guidance.
  • Performs vulnerability remediation coordination activities with Zscaler Engineering and Operations teams.
  • Writes vulnerability deviation requests in accordance with Common Vulnerability Scoring System (CVSS) Specification Documentation and knowledge of internal systems and controls.
  • Develops and maintains FedRAMP Plan of Action and Milestones (POA&M) and FedRAMP Inventory Workbook.
  • Delivers Executive Summaries and internal ConMon reports, tracking vulnerability trends and other operational and security/compliance metrics.
  • Maintains and continuously improves the Zscaler Continuous Monitoring Plan.
  • Ensures quality of all ConMon deliverables and timely submission to approved repositories for FedRAMP PMO, JAB, DoD, StateRAMP, and customer review.
  • Supports the execution and completion of FedRAMP, DoD, and StateRAMP annual assessments, including analysis and remediation of findings, support in provision of evidence, and finalization of Security Assessment Plan (SAP), Risk Exposure Table (RET), and Security Assessment Report (SAR).
  • Coordinates with all applicable Zscaler teams to ensure successful execution of Incident Response and Contingency Plan Testing and Exercises.
  • Supports the Zscaler Security team in vulnerability and security event analysis, incident response lifecycle activities, and optimization of the Security Information and Event Management (SIEM) tool.
  • Supports Zscaler's Compliance programs in both Public and Private sectors aligned with FedRAMP, SOC 2, CSA STAR and ISMS aligned with ISO 27001 and ISO 27018 certifications.
  • Works closely with Engineering, Operations and Customer Care teams to ensure sustenance of existing compliance posture and new compliance initiatives.




  • 5+ years of direct continuous monitoring and vulnerability management experience on enterprise products or large enterprise
  • Experience in program or project management, auditing, and/or control framework development and implementation
  • Experience in compliance management related activities including Policy, Procedures and Standards documentation
  • Proven ability to work and effectively prioritize in a highly dynamic work environment
  • Professional certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) preferred
  • Strong understanding of Industry standard compliance frameworks and Cyber Security Best Practices

Additional Information
All your information will be kept confidential according to EEO guidelines.
What You Can Expect From Us:



  • An environment where you will be working on cutting edge technologies and architectures
  • A fun, passionate and collaborative workplace
  • Competitive salary and benefits, including equity

Why Zscaler?
People who excel at Zscaler are smart, motivated and share our values. Ask yourself: Do you want to team with the best talent in the industry? Do you want to work on disruptive technology? Do you thrive in a fluid work environment? Do you appreciate a company culture that enables individual and group success and celebrates achievement? If you said yes, we'd love to talk to you about joining our award-winning team.
Additional information about Zscaler (NASDAQ: ZS ) is available at .
Zscaler is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.


Candidate Location Eligibility:
San Francisco, CA

Technology we use

  • Engineering
    • C# (Languages)
    • C++ (Languages)
    • Java (Languages)
    • Javascript (Languages)
    • Python (Languages)
  • Sales & Marketing
    • Pipedrive (CRM)
    • Marketo (Lead Gen)

An Insider's view of Zscaler

What are some social events your company does?

Here at Zscaler, we know how to have fun! Many of us participate in events ranging from celebrating cultural events, Intern Expos, Family Fun Day, International Women's Day, to organizational off-sites.

We are able to find ways to celebrate anything from annual Employee Work Anniversaries to being recognized as a Great Place to Work company!


Talent Ops Specialist

What kinds of technical challenges do you and your team face?

One challenge my team faces is staying ahead in the ever-changing tech landscape. We’re tackling this by building a library of widgets, or carefully designed, reusable pieces of code, so we can keep our tech stack dynamic. The goal is to be able to plug these widgets into any of our products, reducing redundancy and keeping things loosely coupled.


Software Engineer

What are Zscaler Perks + Benefits

  • Volunteer in local community
  • Friends outside of work
  • Eat lunch together
  • Intracompany committees
  • Open door policy
  • Team owned deliverables
  • Team based strategic planning
  • Open office floor plan
  • Unconscious bias training
  • Diversity Employee Resource Groups
  • Hiring Practices that Promote Diversity
  • Health Insurance & Wellness Benefits
    • Flexible Spending Account (FSA)
    • Dental Benefits
    • Vision Benefits
    • Health Insurance Benefits
    • Pet Insurance
    • Onsite Gym
  • Retirement & Stock Options Benefits
    • Company Equity
    • Employee Stock Purchase Plan
  • Vacation & Time Off Benefits
    • Paid Holidays
    • Paid Sick Days
  • Perks & Discounts
    • Casual Dress
    • Company Outings
    • Game Room
    • Stocked Kitchen
    • Some Meals Provided
    • Happy Hours
  • Professional Development Benefits
    • Job Training & Conferences
    • Tuition Reimbursement
    • Lunch and learns
    • Promote from within
