IT Compliance & Security Analyst

Job Description

About the Role:

We are looking for a hands-on IT Compliance & Security Analyst that thrives in a multi-project, dynamic, and energetic environment. You will be part of the IT Security Compliance Operations team and will partner closely with various departments, such as: Finance, Legal, Sales Operations, Vendor Management, Audit, and HR, etc.

The Security Compliance team is responsible for the execution, facilitation and management of IT SOX controls, GRC workflows, audit liaising, and OFAC and security compliance operations.  This role will be heavily focused on supporting audits for the certification programs, executing OFAC and security compliance reviews, evaluating technology controls and serving as a compliance subject matter expert to the business. In this role, you will also have the opportunity to be a part of a dynamic operations team that manages and implements various IT compliance, security, and audit remediation initiatives. Some of the regulatory initiatives are: SOX, SOC2, FedRamp, ISO, NIST, and GDPR. 

The ideal candidate is positive, hardworking, self-directed, and has a natural curiosity. Additionally, strong attention to detail, analytical skills, and a solid understanding of various security frameworks are essential for success in this role. 

This is a great time to join a growing SaaS company with tons of opportunity!  Since we are a SaaS shop; familiarity with cloud-based applications such as: Okta, Slack, Jira, Confluence, NetSuite, Zuora, RevPro, Workday, Coupa, etc. is a must. 

What you get to do every single day:

• Ensure compliance to international sanctions regulations.

• Ensure that process owners are performing due diligence when implementing changes to IT systems and applications.

• Evaluate security controls through assessment of evidence during periodic external audits.

• Participate during internal controls walkthrough with external auditors.

• Improve control efficiencies, design, and operating effectiveness of security controls through working with: IT,  Finance, HR, Business, and Internal Audit.

• Conduct periodic user access review to ensure appropriate usage of an organization's information systems and data. 

• Take ownership of multiple control areas and think "outside-the-box" to identify process improvement opportunities.

• Perform or assist with new system implementation impact/gap assessments as they relate to key business and IT processes.

What you bring to the role:

• Bachelor's degree in a related field and a minimum of three (3) years experience in IT audit (preferred), information security (access and change management experience a BONUS), or Governance, risk and compliance (GRC) .

• Profound understanding of IT and internal audits methodologies, risk assessment, control evaluation, and compliance frameworks.

• Familiarity with security concepts such as access management (user access reviews, password authentication, 2FA), change management, segregation of duties and computer operations.

• Ability to navigate ambiguity in order to define process workflows.

• Strong critical thinking and problem-solving abilities with superb communication skills.

• Enthusiasm to learn about new applications and conceptualize impact on security and compliance standards.

• Light programming experience and technical expertise with scripting language (such as Python), and/or general API development/configuration also a BONUS.

#LI-MJ1

Zendesk software was built to bring a sense of calm to the chaotic world of customer service. Today we power billions of conversations with brands you know and love.

Zendesk believes in offering our people a fulfilling and inclusive experience. Our hybrid way of working, enables us to purposefully come together in person, at one of our many Zendesk offices around the world, to connect, collaborate and learn whilst also giving our people the flexibility to work remotely for part of the week.

Hybrid: In this role, our hybrid experience is designed at the team level to give you a rich onsite experience packed with connection, collaboration, learning, and celebration - while also giving you flexibility to work remotely for part of the week. This role must attend our local office for part of the week. The specific in-office schedule is to be determined by the hiring manager.

The intelligent heart of customer experience
Zendesk software was built to bring a sense of calm to the chaotic world of customer service. Today we power billions of conversations with brands you know and love. We advocate for digital first customer experiences—and we stick with it in our workplace. Over 5,000 employees worldwide are collaborating from kitchen tables, home offices, coworking spaces, and Zendesk workspaces to make one team.

Zendesk is an equal opportunity employer, and we’re proud of our ongoing efforts to foster global diversity, equity, & inclusion in the workplace. Individuals seeking employment and employees at Zendesk are considered without regard to race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, disability, military or veteran status, or any other characteristic protected by applicable law. We are an AA/EEO/Veterans/Disabled employer. If you are based in the United States and would like more information about your EEO rights under the law, please click here.

Zendesk endeavors to make reasonable accommodations for applicants with disabilities and disabled veterans pursuant to applicable federal and state law. If you are an individual with a disability and require a reasonable accommodation to submit this application, complete any pre-employment testing, or otherwise participate in the employee selection process, please send an e-mail to peopleandplaces@zendesk.com with your specific accommodation request.