Senior Compliance Analyst I

Who We Are

Having surpassed $200M ARR and continuing to grow rapidly, AuditBoard is the leading audit, risk, and compliance platform on the market. More than 40% of the Fortune 500, including 6 of the Fortune 10, leverage our award-winning technology to move their businesses forward with greater clarity and agility. And our customers love us: AuditBoard is top-rated on G2.com and Gartner Peer Insights.

At AuditBoard we inspire each other to innovate and are proud of what we are producing. We spend each day thinking of new ways to help our customers and contribute to the greater good of our company and our surrounding communities. We are all about assisting each other and breaking through barriers to create the most loved audit, risk, and compliance platform by our customers. This is how we have become one of the 500 fastest-growing tech companies in North America for the fourth year in a row as ranked by Deloitte! 

Why This Role is Exciting

AuditBoard is looking for an experienced Compliance Analyst to enhance the strategic pillars of a security compliance program and facilitate day-to-day compliance operations. This individual will be involved in multiple areas of the business where compliance and security impact our operations (e.g. Awareness & Training, Policy Management, Control Testing & Monitoring, Continuity Testing Facilitation, and Management of Compliance Standards). This role will require the individual to have a foundational understanding of GRC concepts and how those concepts pertain to multiple departments across the business. 

This position will have visibility and interaction with the security, IT, engineering, legal, and other cross-functional teams at AuditBoard. This person will work on assignments that are complex in nature and require professional skepticism,  judgment, initiative, and knowledge of common SaaS Company positions to resolve problems and/or develop recommended solutions. 

This position reports to the Director of Information Security Compliance and is a perfect role for someone who is passionate about building compliance operations procedures and 2nd line control testing in a fast-paced environment and is an all-around great team player.

Key Responsibilities 

• Participates in maintaining and evolving the compliance program framework, including designing and developing policies, standards, and procedures.
• Facilitates and performs 2nd Line of Defense control testing and validation
• Maintains control and framework structure, hierarchy, and attributes.
• Consults with cross-functional and security teams to implement policies and procedures as well as assess data privacy and security risks, to mitigate potential compliance issues.
• Contributes to the maintenance and continuous improvement of the overall security compliance posture of AuditBoard.
• Interfaces and collaborates with security and legal teams on compliance issues
• Keeps track of changing and developing compliance frameworks and security regulations
• Participates in security compliance assessments
• Assists in providing responses to customer and vendor questionnaires
• Facilitates training, awareness, and communication of security and compliance matters across AuditBoard;
• Participates in developing and delivering training programs on security awareness, data handling/protection, and privacy.
• Works globally and cross-functionally to translate compliance requirements and principles into a set of common controls and  practices

Attributes for a Successful Candidate (Please list 5-6 must-have qualifications here)

• 3+ years of experience as a security compliance professional with an in-depth understanding of control objectives, procedures, compliance gap assessments, and evidence collection covering ISO 27001 / 27002, NIST CSF, NIST 800-53, CMMC / NIST 800-171, SOC1 / SOC2, FedRAMP, and common industry standards.
• Experience in a B2B SaaS organization
• Knowledge and experience with compliance automation tooling and practices / SQL.
• Bachelor's degree
• Ability and desire to learn new technologies and data flows quickly to help assess security risks and develop appropriate risk mitigation elements
• Ability to translate and distill laws and regulatory requirements and legal advice into operational control procedures and policies and provide practical guidance to business units and functions on those requirements
• Ability to collect, describe, and display technical information in a way to help decision-making
• Participates in industry security organizations and associations to learn emerging trends and best practices
• Experience in collaborating among cross-functional and global teams with the ability to drive and manage multiple simultaneous projects
• Experience developing security and ELC controls and communicating them to business stakeholders.
• Excellent verbal and written communication skills
• Relevant privacy and security certifications such as CISSP, CISM, CISA.

• Launch a career at one of the fastest-growing SaaS companies in North America!
• Live your best life (LYBL)! $200/mo for anything that enhances your life
• Remote and hybrid work options, plus lunch in the office
• Comprehensive employee health coverage (all locations)
• 401K with match (US) or pension with match (UK)
• Competitive compensation & bonus program
• Flexible Vacation (US exempt & CA) or 25 days (UK)
• Time off for your birthday & volunteering
• Employee resource groups
• Opportunities for team and company-wide get togethers!

*perks may vary based on eligibility

#LI-Remote