Compliance Analyst - Cybersecurity
DoceboDocebo's learning platform enables you to drive engagement, productivity, and connections with your customers, partners, and employees.
Still not sure? We are a culture where values are at the center of everything we do. We also embody what we call the Docebo Heart. We trust our teammates, assume the best of one another, and also hold space for all the differences that make us better. 💙
So what are you waiting for? Apply today! Join 800+ global Docebians and change the way people learn.
Are you ready to be a part of the learning revolution? 🚀
About This Opportunity:
The Compliance Analyst will collaborate with internal departments and external parties to strengthen Docebo's Compliance and Security initiatives. This role encompasses a wide range of frameworks relevant to Docebo products, including NIST, GDPR, PCI, ISO, SOC, SOX, CFR21, and FedRAMP.
The role will primarily support customer-facing communication and responses to Prospect and Customer questions related to Company Compliance and Security posture. The ideal candidate should be proactive and adaptable, with a solid understanding of cloud technology, particularly in security. They should have experience in SaaS services, be skilled at reviewing customer agreements, and possess exceptional communication abilities.
Reports to: Business Enablement Manager - SecurityLocation: Toronto (Hybrid)
- Respond to customer security requests, review RFI/RFQ, and properly compile responses related to Docebo's Compliance and Security posture.
- Respond to customer Compliance and Security questionnaires and identify outstanding customer requirements that need to be internally addressed with Corrective Action Plans (CAPs).
- Drive customer Compliance and Security annual audits.
- Support the Docebo legal team in reviewing Customer Agreements and Terms and Conditions, Data Processing Addendum, and any Compliance and Security documents, mapping customer requirements to Docebo standard processes.
- Prepare draft reports and other management reporting deliverables;
- Organize the internal Compliance and Security documentation and tools to keep them up to date and publish them on the Docebo “trust page”.
- Conducts additional information gathering as needed to identify compliance risks.
- Provide support to the GRC team (Governance, Risk, and Compliance) during SOC2, ISO27001, and FedRAMP audits to ensure that the organization is audit-ready.
- Other duties related to Compliance and Security as may be assigned or requested.
- Significant working experience supporting audits and compliance & security activities for SaaS companies.
- Working knowledge of information security principles, trends, and best practices, including AWS environment and services.
- Knowledge of GDPR requirements and other data privacy laws (CCPA, PIPL, etc.).
- Understanding of compliance and security management principles.
- Continuous learning mindset, passion for the intersection of technology and business.
- Bachelor's degree in computer science, information security, auditing, law, or similar.
- Basic legal knowledge and principles related to any applicable privacy laws worldwide (GDPR, CCPA, etc.)
- Certified Information Systems Auditor (CISA)
- IAPP CIPP or CIPT
- CompTIA Security+
- FedRamp framework knowledge
- Proficient in tools such as Drata, RFP.io, Loopio, and similar.
Benefits & Perks 😍-Generous Vacation Policy, plus 2 extra floating holidays to use for religious or cultural events that matter to you-Employee Share Purchase Plan-Career progression/internal mobility opportunities-Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)-WeWork partnership and “Work from Anywhere” program
Hybrid Office Model 🏢We believe when people are together, they develop deeper relationships and accelerate innovation. Because of this, all Docebo employees worldwide are “hybrid.” We encourage in-person collaboration while supporting work-from-home when employees need dedicated focus time, allowing Docebians to do their best every day. Each team leader is able to decide how often their teams come into the office, considering the needs of the team and the employee’s needs. Our Talent Acquisition team will let you know about the role you are applying for and the hybrid details during the first interview.
About Docebo 💙Here at Docebo, we power learning experiences for over 3000 customers around the world with our easy-to-use, AI-powered Suite designed to close the enterprise learning loop. We have successfully achieved 2 IPOs (TSX: DCBO & NASDAQ: DCBO), been recognized as a Top SaaS e-learning Solution, and are growing exponentially in the process.Docebo is a global company with offices in North America, EMEA, APAC and more. Our people believe in six core values, simply defined and manifested in everything we do - Innovation, Simplicity, Accountability, Togetherness, Curiosity, and Impact. If this sounds like you, now is your time to join one of the fastest-growing learning technology companies on the market. Apply today!
Docebo is an Equal Employment Opportunity employer. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, citizenship status, age, disability, genetic information, or any other category protected under applicable law.
Any individuals requiring a reasonable accommodation to assist with their job search or application for employment should send an e-mail to recruiting_accommodations (at) docebo.com. The e-mail should include a description of the requested accommodation and the position you’re applying for or interested in.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Minneapolis, MN, United States Minneapolis, MN, United States Full TimeEntry Entry-levelUSD 95K - 135K * USD 95K+ *
EAC Product Development Solutions
Information Security AnalystAudits Compliance Industrial Monitoring Pentesting Travel +1
Career development Flex hours Flex vacation Health care Insurance +1
Richmond, Virginia Richmond, Virginia Full TimeEntry Entry-levelUSD 75K - 125K * USD 75K+ *
Governance, Risk and Compliance Analyst - Artificial IntelligenceArtificial Intelligence Compliance Governance Risk management RMF Strategy
Career development Competitive pay Equity Fitness / gym Flex vacation +3
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open C-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs