Security Business Analyst

Sprinklr is a leading enterprise software company for all customer-facing functions. With advanced AI, Sprinklr's unified customer experience management (Unified-CXM) platform helps companies deliver human experiences to every customer, every time, across any modern channel. Headquartered in New York City with employees around the world, Sprinklr works with more than 1,000 of the world’s most valuable enterprises — global brands like Microsoft, P&G, Samsung and more than 50% of the Fortune 100.

Learn more about our culture and how we make our employees happier through The Sprinklr Way.

Job Description

Sprinklr is looking for a Lead Security Business Analyst for our Customer Trust Team who will partner with our Product, Legal, Privacy, Engineering, and other internal departments to directly support the security and compliance requirements of our critical customers, focusing on a small number of named accounts and their in-depth compliance and security requirements.

The Lead Security Business Analyst role is critical in supporting and maintaining trust with Sprinklr’s fintech customers by possessing technical knowledge and comprehensive understanding of cybersecurity, strong customer focus, and highly collaborative interpersonal skills

As a key partner to the Project Management and Success teams in the customer support process, the Lead Security Business Analyst will showcase our compliance and security program by sharing in-depth information with our financial customers, their auditors, and other stakeholders.

What You’ll Do

• Collaborate with various internal teams including Engineering, Cloud Engineering and Product Security to lead in-depth security and compliance discussions with large financial customers

• Coordinate and lead fintech customer security and compliance annual audits and quarterly risk assessments based on the Reserve Bank of India (RBI) cyber security guidelines for financial institutions

• Collaborate with Project Managers and business stakeholders to gather customer’s security and compliance requirements

• Partner with the Product Security Team to share project deliverables such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), SCA (Software Composition Analysis) and penetration test reports as per the timeline committed to the financial customers

• Provide timely and quality responses to security questionnaires for large financial customer project go-lives

• Gather evidence from various internal teams for a financial customer-initiated security and compliance audits and go-lives

• Collaborate with the Product Security team to ensure security remediations for existing and new projects are on track for timely customer go-lives

• Create and maintain JIRA dashboards for project deliverable tracking with Engineering and Product Security Team

• Create and maintain a centralized repository of deliverables and knowledge base artefacts for various customer projects

• Build and foster relationships with internal stakeholders for excellent collaboration to successfully deliver projects

• Work with limited supervision, manage own time effectively, and ensure timely delivery of all projects

Who You Are & What Makes You Qualified

• 5 years of experience within the security domain and 3-5 years of experience engaging with Fintech customers

• Knowledge of Reserve Bank of India (RBI) cyber security guidelines for financial institutions

• Knowledge of API gateways, distributed caching, Content Delivery Network (CDN), and service mesh

• Experience in leading compliance audits and risk assessments

• Experience in delivering presentations and answering technical questions during customer calls

• Knowledge of compliance, security, and regulatory frameworks such as SOC 2, ISO 27001, PCI-DSS, GDPR etc.

• Knowledge of technical concepts including Cloud, SaaS, IaaS, IP subnetting and whitelisting, Infra Isolation, VPNs, MDM (Mobile Device Management), VDI (Virtual Desktop Infrastructure), Access Controls, Encryption, JIRA, and AI etc.

• Knowledge of application security processes such as DAST, SAST, SCA, Secrets Scanning, Application Threat Modelling, and Application Penetration Testing etc.

• Knowledge of Cloud Security, Container Security, Host Security, DevSecOps, Shift Left Model, Security Hardening, Infra Hardening, Security Automation etc.

• Excellent collaboration skills in a rapidly changing technology environment

• Good to have: Industry recognized security certifications such as Security+, CEH, CISA, CISSP, cloud certifications for AWS, Azure and GCP

• Good to have: Experience working with Jenkins, SQL, No-SQL databases, SonarQube, and GitHub

Why You'll Love Sprinklr:

We're committed to creating a culture where you feel like you belong, are happier today than you were yesterday, and your contributions matter. At Sprinklr, we passionately, genuinely care. For full-time employees, we provide a range of comprehensive health plans, leading well-being programs, and financial protection for you and your family through a range of global and localized plans throughout the world.

For more information on Sprinklr Benefits around the world, head to [https://sprinklrbenefits.com/> to browse our country-specific benefits guides.

We focus on our mission: We founded Sprinklr with one mission: to enable every organization on the planet to make their customers happier. Our vision is to be the world’s most loved enterprise software company, ever.

We believe in our product: Sprinklr was built from the ground up to enable a brand’s digital transformation. Its platform provides every customer-facing team with the ability to reach, engage, and listen to customers around the world. At Sprinklr, we have many of the world's largest brands as our clients, and our employees have the opportunity to work closely alongside them.

We invest in our people: At Sprinklr, we believe every human has the potential to be amazing. We empower each Sprinklrite in the journey toward achieving their personal and professional best. For wellbeing, this includes daily meditation breaks, virtual fitness, and access to Headspace. We have continuous learning opportunities available with LinkedIn Learning and more.

EEO - Our philosophy: Our goal is to ensure every employee feels like they belong and are operating in a judgment-free zone regardless of gender, race, ethnicity, age, and lifestyle preference, among others. We value and celebrate diversity and fervently believe every employee matters and should be respected and heard. We believe we are stronger when we belong because collectively, we’re more innovative, creative, and successful.

Sprinklr is proud to be an equal-opportunity workplace and is an affirmative-action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. See also Sprinklr’s EEO Policy and EEO is the Law.