ABOUT DIGICERT

We're a leading, global security authority that's disrupting our own category.  Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers.  We help companies put trust-and abstract idea-to work. That's digital trust for the real world.

 

 

POSITION

Security Policy Analyst

 

JOB DESCRIPTION

 

The Security Policy Analyst will play a pivotal role within the Policy and Governance team at DigiCert. This individual will be responsible for safeguarding DigiCert's digital assets against unauthorized access by crafting, monitoring, assessing, and refining security policies. With a focus on continuous improvement, the Security Policy Analyst will identify weaknesses in existing security measures and propose enhancements to fortify DigiCert's overall security posture.

 

RESPONSIBILITIES

Lead the design, refinement, and maintenance of comprehensive security policies, procedures, and standards. Ensure alignment of DigiCert's security policies with industry regulations, standards, and best practices. Conduct in-depth security assessments, including vulnerability scans, risk analyses, and penetration testing. Provide expert guidance and recommendations to teams across the organization on security-related matters. Foster collaboration and compliance with security policies among various departments and stakeholders. Proactively identify and address security threats, vulnerabilities, and emerging risks. Develop and execute a robust security awareness program to educate and empower employees. Review and analyze security audits, assessments, and incident reports to ensure adherence to policies and procedures.

 

REQUIRED QUALIFICATIONS

Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred. 5+ years of progressive experience in cybersecurity, with a focus on policy development and governance. Strong understanding of security policy frameworks, risk management principles, and compliance requirements. Proficiency in conducting security assessments and utilizing tools such as vulnerability scanners and SIEM platforms. Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical audiences. Demonstrated leadership abilities and experience collaborating with cross-functional teams. Relevant certifications such as CISSP, CISM, or CRISC are highly desirable. Experience working with security policy Familiarity with NIST 800 series and/or ISO 27001 Cybersecurity Framework

 

PREFERRED QUALIFICATIONS

Relevant certifications such as CISSP, CISM, or CRISC are highly desirable. Experience working in regulated industries such as finance, healthcare, or government is a plus.

 

BENEFITS

Generous time off policies Top shelf benefits Education, wellness and lifestyle support