Druva
Technology
StaffInformationSecurityAnalyst-SecurityAssurance
Neural analysis suggests this role is
optimal for Staff candidates.
“Staff Information Security Analyst - Security Assurance at Druva. Skills: Security assurance, Third-party risk management, Cloud security, Risk assessment. Provide expert internal support for security and compliance. Work with internal security teams”
Industry & Context.
Risk assessment; Threat modeling
What They're Looking For.
Must Have
10 years of experience in technology, 6+ years in cyber security
Nice to Have
Exceptional communication skills, Critical thinking ability, Bias for ownership & learning, Working protocol level understanding of At-Rest and In-Motion Encryption fundamentals, Key Management principles, Demonstrable knowledge of MITRE ATT@CK framework, OWASP Top-10 Web Application Vulnerabilities, Knowledge of AWS, Azure services, Technical Understanding of SaaS Multi-tenant architectures, Knowledge of network security, Knowledge of cloud security, Knowledge of application security, Ability to threat model, Assess security risk of interconnected systems, Background in security compliance, Background in Privacy frameworks, Tools to develop SBOM, Information gathering frameworks like SIG, Information gathering frameworks like CAIQ, Proven experience collaborating with sales, Proven experience collaborating with legal, Proven experience collaborating with engineering, Experience implementing TPRM tools, Experience using TPRM platforms, Familiarity with Security Scorecard, Familiarity with Bitsight, Experience in automating workflows, Demonstrable customer communication experience
What You'll Do.
Provide expert internal support for security and compliance
Work with internal security teams
Coordinate with internal security teams
Work with Engineering
Coordinate with Engineering
Work with Legal functions
Coordinate with Legal functions
Work with customer account teams
Coordinate with customer account teams
Provide timely responses to security queries
Provide high-quality responses to security queries
Manage incoming security support requests
Manage security focused questionnaires
Manage customer audits
Manage client-driven penetration tests
Develop customer facing security policies
Maintain customer facing security policies
Develop customer facing security documentation
Maintain customer facing security documentation
Manage Druva's online trust portal
Ensure customer security documentation is up to date
Ensure external artifacts are up to date
Evaluate strategy for third-party risk management program
Set strategy for third-party risk management program
Conduct holistic security assessments of vendors
Identify potential risks
Mitigate potential risks
Stay informed about security vulnerabilities
Stay informed about security incidents
Assess exposure through Druva’s vendor landscape
Drive risk-reduction in Druva’s External attack surface
Develop improvement strategy for phishing simulations
Execute improvement strategy for phishing simulations
Develop improvement strategy for security training
Execute improvement strategy for security training
How You'll Work.
Team & Collaboration
Internal security teams; Engineering teams; Legal functions; Customer account teams; Sales teams; Engineering teams
Communication Scope
Customer communication
Process & Methodology
Risk management
Full Job Description
About Druva You won’t just join a company at Druva, you’ll help shape the future of data security at the moment it matters most. We are building a modern standard with our cloud-native solutions, designed to simplify the toughest challenges in cyber resilience for our customers. As the pioneer and market leader in fully managed SaaS data protection, we help organizations secure and recover their data from ransomware, cyberattacks, and operational disruptions without the complexity, cost, or risk of legacy infrastructure. Our momentum is backed by the market: Druva was named a Leader in the 2025 Gartner® Magic Quadrant™ for Backup and Data Protection Platforms, a Leader in the 2025 IDC MarketScape for Cyber-Recovery, and a Leader & Outperformer in the 2025 GigaOm Cloud Data Protection Radar. Even better, customers validate that leadership every day through strong Gartner Peer Insights ratings, standout Net Promoter Scores (NPS), and top willingness-to-recommend results. Visit druva.com and follow us on LinkedIn, X and Facebook. Summary:- The Staff Technical Security Analyst, Security Assurance will be responsible for all activities directed at building trust and confidence in Druva’s data security, privacy, and compliance posture with prospects and customers. Additionally, they will be responsible for Druva’s Third-Party Risk Management program and drive execution and improvement in Druva’s security culture improvement initiatives around phishing and security awareness. Preferred Qualifications/Skills:- Exceptional communication skills, critical thinking ability and strong bias for ownership & learning Working protocol level understanding of At-Rest and In-Motion Encryption fundamentals (TLS/SSL, BCrypt, PKI, SHA1, AES etc) and Key Management principles Demostrable knowledge of MITRE ATT@CK framework, OWASP Top-10 Web Application Vulnerabilities and related risks and countermeasures Knowledge of AWS, Azure services and security controls native to them Technical Under
Applying for this Staff Information Security Analyst - Security Assurance role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Druva?
Real rants from real employees. Read before you apply.