Information Security Associate - Compliance
Bishop Fox - San Francisco, CA

This job posting is no longer available on Indeed. Find similar jobs:Information Security Associate jobs - Bishop Fox jobs

We are a rapidly growing information security services firm, serving as trusted advisors to Fortune 1000, financial institutions, and tech startups. We pride ourselves on a small-company atmosphere with generous benefits, flexible office hours, and excellent teammates.

At Bishop Fox, the Enterprise Security (ES) team guides and implements IT security strategy for our clients. We are actively defending our clients’ information while keeping our eye on the big picture and business context.

Currently, we are seeking ES Security Associate candidates with experience in technology policy and compliance.

  • Analyze process security, including: control assessments, operational security reviews, technical and business impact analyses, risk determination, and cost-benefit analyses.
  • Create and maintain security frameworks, policies, standards, guidelines, and procedures.
  • Understand client’s complex business environment, information technology management processes, and risk management approaches as they relate to industry security frameworks, policies, standards, and best practices.
  • Technical controls design and implementation.
  • Security program maturity analysis.
  • Compliance implementation and preparation for external audits.


  • Strong writing and communications skills.
  • Excited about constantly learning new technologies.
  • Ability to switch between abstract concepts and specific examples of how those concepts are implemented.
  • Understand the creation, management, and oversight of information security programs, business continuity planning, disaster recovery planning, and change management.
  • Ability to design an assessment framework, request documentation, conduct review of documentation, and meet with stakeholders independent of daily supervision.


  • Experience with COBIT, SOX, ISO27001, HIPAA, and/or PCI

About this company
Since 2005, Bishop Fox (formerly Stach & Liu) has provided security consulting services to the Fortune 1000, financial institutions, and...