Senior Information Security Analyst - Red Hat Information Technology (Brno Office, Czech Republic)

The Red Hat Information Technology team is seeking a Senior Information Security Analyst to join us in Brno Office, Czech Republic. In this role, you will serve as part of Red Hat's Information Security team, responsible for ensuring stakeholder security requirements necessary to protect the company and its business processes are adequately addressed in all aspects of enterprise architecture. Ensuring company information security policies, procedures, and standards support those missions and business processes are core of the role. A passion for communication and collaboration will be a strong foundation to your success in this role.

The position is allocated to Brno Office in the Czech Republic.

What you will do

• Ensure systems and architectures are compliant with the company’s Information Security Operating Guidelines and Enterprise Security Standard. Perform security reviews, identify gaps in security architecture, and develop remediation plans.
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. Determine the security controls- that are required for information systems and networks to operate securely.
• Evaluate security architectures and designs for Software as a Service (SaaS) to determine the adequacy of security design and architecture proposed or provided in response to procurement requirements. Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
• Develop and maintain relevant security policies, standards, and guidelines to address evolving security threats, best practices, and business needs.
• Develop and maintain positive working partnerships with stakeholders to maximize security outcomes while meeting business needs.

What you will bring

• Proven history of working in a position of trust.
• Ability to work as part of a globally distributed team using multiple communication methods to facilitate collaboration (e.g., chat, voice, video, email).
• Excellent verbal and written communication skills to convey information effectively and professionally to a wide variety of technical and non-technical audiences.
• Knowledge of concepts of computer networking, Linux and other operating systems, Kubernetes and other container management systems, public cloud providers such as AWS, Azure, and GCP, and their corresponding security concepts and methodologies.
• Knowledge of risk management processes, including methods for assessing and mitigating inherent and residual risk using STRIDE or similar methodologies.
• Knowledge of industry-standard and organizationally accepted analysis frameworks and certifications such as NIST CSF, CIS, ISO 27001, SOC 2, PCI-DSS, and FedRAMP.
• Knowledge of information security defense and vulnerability assessment tools and their capabilities, including IDS, IPS, SIEM, EPS, and vulnerability management.
• Knowledge of cryptography and cryptographic key management concepts.
• Knowledge of privacy principles, laws, and regulations such as GDPR and CCPA.
• Knowledge of network access, identity, and access management such as public key infrastructure, Oauth, OpenID, SAML, and SPML.

Preferred, but not required skills:

• Industry certifications such as Linux+, CISSP, CISA, or Security+ would be highly regarded.
• Familiarity with ServiceNow’s Policy & Compliance module, Vendor Risk Module and Vulnerability Response Module.

About Red Hat
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Spread across 40+ countries, our associates have the flexibility to choose the work environment that suits their needs from in-office to fully remote to office-flex. Red Hatters are encouraged to bring their best ideas, no matter their title or tenure. We're a leader in open source because of our open and inclusive environment. We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact. Opportunities are open. Join us.

Diversity, Equity & Inclusion at Red Hat
Red Hat’s culture is built on the open source principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone. When this is realized, it empowers people from diverse backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation. Our aspiration is that everyone experiences this culture with equal opportunity and access, and that all voices are not only heard but also celebrated. We hope you will join our celebration, and we welcome and encourage applicants from all the beautiful dimensions of diversity that compose our global village.

Equal Opportunity Policy (EEO)
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.

Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.

Red Hat supports individuals with disabilities and provides reasonable accommodations to job applicants. If you need assistance completing our online job application, email application-assistance@redhat.com. General inquiries, such as those regarding the status of a job application, will not receive a reply.