Governance, Risk, and Compliance Analyst III

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.

Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.

Position Summary

AGovernance, Risk and Compliance(GRC)AnalystIIIisa Cybersecurity professionalresponsiblefor the maintenance and support ofCybersecurity’smany programs(including risk management, compliance, vulnerabilitymanagementand security awareness training)that meets the parameters prescribed by the Office of the CISO for the organization.

Primary Responsibilities

An individual contributorintheCybersecuritydepartment that is chartered withsupporting the company’s Cybersecurity program, withemphasisoncustomersecurityquestionnaires,assessments/audits and securityrisk managementsupport. Responsible forassistingwith management,monitoringand improving customer security questionnaire program and withcompany’s security risks, security compliance guidelines and controls, and development / dissemination of best-practice standards,policiesand procedures.The individual will work with various functions throughout the enterprise to evaluate the design and effectiveness of the control environment and maintain the security posture of the program.

• Responsible for upholding F5’s Business Code of Ethics and for promptly reporting violations of the Code or other company policies.

• Provide daily support to security-relatedservices, including security assessments and the information security management systems program.

• Assistas escalation point for support requests related to Information Security Programs

• Lead and improve support ofcustomersecurityquestionnaires,assessmentsor audits

• May work with Legal and/or Privacy department to understand regulatory and contractual information security obligations

• Review security bulletins and related news; staying apprised of current threats and trends

• Assistwithsecurityrisk management

• Supportsecurityrisk management,issuesmanagement, andpolicy exceptions

• Monitor internal compliance against information security governance frameworks by conducting routine testing and internal control reviews as well as enterprisesecurityrisk assessments

• Identifyand communicate control gaps, evaluate management remediation action plans, and provide ongoing monitoring of resolution

• Maintain awareness of external regulations and industry standards for new or modified requirements (FedRAMP, GDPR, PCI-DSS, CCPA, NIST800-53, ISO27001, etc.)

• Performs other related duties as assigned.

• The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Knowledge,Skillsand Abilities

• Strong familiarity with systems and network infrastructure security technologies, including application/OS hardening techniques, network protocols, network & application firewalls, intrusiondetection systems.

• Strong hands-on familiarity with securityrisk-assessmenttools & techniques (vulnerability testing, penetration testing, social engineering,etc.).

• Sophisticated program/project management abilities.

• Recognizes that policies must be conceived and implemented in the context of a multifaceted, customer-oriented, for-profit business environment.

• Sophisticated written & verbal communications; outstanding interpersonal, planning, documentation, organization, andproblem-solvingskills.

• Extensive ability to act independently; connect with people at all levels in thecompany andtake initiative to engage internal & external personnel/services to ensure effective & reliable systems.

• Foreign language skillsa plus.

• Experienceworking in ateam to achieve positive results.

Qualifications

• BS/BA or equivalent work experience insecurityrelated field

• 6+ years ofrelevantwork experience

• 4+ years working experience as a security analyst or equivalent

• Industry relevant certifications such as CISSP, CRISC, CISA, CISM, CGEIT, etc.

• Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001

Physical Demands and Work Environment:

• Duties are performed in a normal office environment while sitting at a desk or computer tableandhavethe ability to work remotely.

• Duties require the ability toutilizea computer, communicate over the telephone, and read printed material.

• Duties may require being on call periodically and working outside normal working hours (evenings and weekends).

• Duties may require the ability to travel via automobile or airplane,approximately 5% of the time spent traveling.

In addition, we will need you to meet F5, customer, and/or government security screening requirements for this role. The background investigation may review an applicant’s actions, relationships, and experiences goingback10 years.

The Job Description is intended to be a general representation of the responsibilities and requirements of the job.However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Our Values

At F5, we live and breathe our core values, Excellence, Integrity, Collaboration, Customer Dedication, Profitable Growth, Innovation, Employee Success, and Diversity. We help each other achieve our goals, value the diversity of ideasdifferent backgroundscan bring, emphasize teamwork over rock-stars, work hard and most of all have fun.

We offer work/life integration programs like Freedom to Flex, dynamic employee inclusion groups, paid maternity/paternity leave, tuitionassistancefor professional development, a comprehensive mentoring program, rewards/recognition, and so much more. At F5, we truly do help each otherthriveand it shows: F5 has been named one of the “World’s Most Admired Companies” by Fortune magazine for the past two years.

And this dedication to living our culturedoesn’tjust exist within our offices; it extends into our communities through Global Good initiatives such as employee matching, volunteer opportunities, and the F5 Foundation. Our employees are passionate about making a difference in the world.

This is a once-in-a-lifetime opportunity to become part of a companythat’son the forefront of transformation. And because we know that a more diverse F5 is a more powerful F5,we’relooking for smart, passionate, determined individuals to join us. If you make thoughtful decisions quickly, obsess over your customers’ needs, take ownership of your work (the mistakes as well as the successes), and embrace different perspectives by putting the human first, then we want to talk to you.

F5 Inc. is an equal opportunity employer and strongly supports diversity in the workplace.

We will ensure that individuals with disabilities are provided reasonable accommodation toparticipatein the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
#LI-KA1

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

The annual base pay for this position is: $112,800.00 - $169,200.00

F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5’s differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.