Senior Compliance Analyst I
United States
AuditBoard
AuditBoard is trusted by the Fortune 500 for SOX, internal controls, audit management, compliance, and risk management.
Who We Are
Having surpassed $200M ARR and continuing to grow rapidly, AuditBoard is the leading audit, risk, and compliance platform on the market. More than 40% of the Fortune 500, including 6 of the Fortune 10, leverage our award-winning technology to move their businesses forward with greater clarity and agility. And our customers love us: AuditBoard is top-rated on G2.com and Gartner Peer Insights.
At AuditBoard we inspire each other to innovate and are proud of what we are producing. We spend each day thinking of new ways to help our customers and contribute to the greater good of our company and our surrounding communities. We are all about assisting each other and breaking through barriers to create the most loved audit, risk, and compliance platform by our customers. This is how we have become one of the 500 fastest-growing tech companies in North America for the fourth year in a row as ranked by Deloitte!
Why This Role is Exciting
AuditBoard is looking for an experienced Compliance Analyst to enhance the strategic pillars of a security compliance program and facilitate day-to-day compliance operations. This individual will be involved in multiple areas of the business where compliance and security impact our operations (e.g. Awareness & Training, Policy Management, Control Testing & Monitoring, Continuity Testing Facilitation, and Management of Compliance Standards). This role will require the individual to have a foundational understanding of GRC concepts and how those concepts pertain to multiple departments across the business.
This position will have visibility and interaction with the security, IT, engineering, legal, and other cross-functional teams at AuditBoard. This person will work on assignments that are complex in nature and require professional skepticism, judgment, initiative, and knowledge of common SaaS Company positions to resolve problems and/or develop recommended solutions.
This position reports to the Director of Information Security Compliance and is a perfect role for someone who is passionate about building compliance operations procedures and 2nd line control testing in a fast-paced environment and is an all-around great team player.
Key Responsibilities
- Participates in maintaining and evolving the compliance program framework, including designing and developing policies, standards, and procedures.
- Facilitates and performs 2nd Line of Defense control testing and validation
- Maintains control and framework structure, hierarchy, and attributes.
- Consults with cross-functional and security teams to implement policies and procedures as well as assess data privacy and security risks, to mitigate potential compliance issues.
- Contributes to the maintenance and continuous improvement of the overall security compliance posture of AuditBoard.
- Interfaces and collaborates with security and legal teams on compliance issues
- Keeps track of changing and developing compliance frameworks and security regulations
- Participates in security compliance assessments
- Assists in providing responses to customer and vendor questionnaires
- Facilitates training, awareness, and communication of security and compliance matters across AuditBoard.
- Participates in developing and delivering training programs on security awareness, data handling/protection, and privacy.
- Works globally and cross-functionally to translate compliance requirements and principles into a set of common controls and practices
Attributes for a Successful Candidate
- 3+ years of experience as a security compliance professional with an in-depth understanding of control objectives, procedures, compliance gap assessments, and evidence collection covering ISO 27001 / 27002, NIST CSF, NIST 800-53, CMMC / NIST 800-171, SOC1 / SOC2, FedRAMP, and common industry standards.
- Experience in a B2B SaaS organization
- Knowledge and experience with compliance automation tooling and practices / SQL.
- Bachelor's degree
- Ability and desire to learn new technologies and data flows quickly to help assess security risks and develop appropriate risk mitigation elements
- Ability to translate and distill laws and regulatory requirements and legal advice into operational control procedures and policies and provide practical guidance to business units and functions on those requirements
- Ability to collect, describe, and display technical information in a way to help decision-making
- Participates in industry security organizations and associations to learn emerging trends and best practices
- Experience in collaborating among cross-functional and global teams with the ability to drive and manage multiple simultaneous projects
- Experience developing security and ELC controls and communicating them to business stakeholders.
- Excellent verbal and written communication skills
- Relevant privacy and security certifications such as CISSP, CISM, CISA.
- Launch a career at one of the fastest-growing SaaS companies in North America!
- Live your best life (LYBL)! $200/mo for anything that enhances your life
- Remote and hybrid work options, plus lunch in the office
- Comprehensive employee health coverage (all locations)
- 401K with match (US) or pension with match (UK)
- Competitive compensation & bonus program
- Flexible Vacation (US exempt & CA) or 25 days (UK)
- Time off for your birthday & volunteering
- Employee resource groups
- Opportunities for team and company-wide get-togethers!
*perks may vary based on eligibility