Compliance Analyst
United States
SailPoint
This position helps ensure that the company remains in compliance with SaaS industry regulations and certifications. This position reports to the Compliance Manager and works with various organizations at the company to help implement and maintain standards, policies, plans, processes, procedures, and other activities as required to meet corporate compliance and regulatory requirements. This position will manage compliance projects, track compliance activities, develop reports, track various matrices, conduct testing of internal controls, and perform internal self-assessments and audits. This position may occasionally interface with Third Party Assessment Organizations in support of external assessments and activities.
Responsibilities
This role will be responsible for, but not limited to, these activities:
Engages with a variety of SailPoint teams in the activity required to maintain controls required of assessment certifications.
Compliance representative on teams responsible for engineering design and development of cloud-based products and services.
Manages and conducts ongoing assessment of those departments, processes and procedures within scope of the certifications; responsible for summarizing and reporting results of these self-assessments to SailPoint Management.
Monitors and maintains established SailPoint Certification Program documentation required to support continual certification activity within SailPoint.
Responsible for actively monitoring and reporting remediation activity required to address identified gaps in the SailPoint System Security Plan.
Aids in the identification of security risks and development of risk treatment plans.
Provides recommendations for improving the organization’s operations.
Evaluates and provides reasonable assurance that risk management, controls and the governance systems are functioning as intended and will enable the organization’s objectives and goals to be met.
Maintains positive and open communication with SailPoint management and teams across Engineering as well as corporate IT and Security.
Interfaces with outside parties in support of external audits and assessments.
Work with SailPoint management to ensure plans are in place to deal with compliance problems when they occur and before certifications are jeopardized.
Assist Management to identify, implement, and maintain appropriate security and compliance measures.
Leverage dashboards or platform-specific consoles and repositories associated with certifications to represent threats and vulnerabilities in the environment.
Assist with other Compliance duties as needed.
This position will require a general working knowledge of the processes and procedures required to develop, test, promote, manage, distribute, support and secure SailPoint cloud-based products and services.
Requirements:
3-4 years of experience as a compliance analyst and/or IT auditor is a must
Experience with SOC 1 Type 2, SOC 2 Type 2, ISO 27001, ISO 27018, ISO 27701, PCI, C5, IRAP or similar compliance frameworks
Project management experience
General knowledge of IT systems, DevOps, IT security, AWS/Azure, GRC tools
General knowledge of SaaS SDLC.
Well-versed in compliance guidelines and best practices
Technical systems knowledge – especially in the areas of access control and logging.
Strong analytical skills
Attention to detail.
Ability to maintain confidentiality.
Ability to build strong relationships across cross-functional teams.
Strong technical writing and research skills
Excellent communication, coordination, and negotiation skills
Any of the following certifications are a plus:
CISA, CIA, CISSP, PMP
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.