Apply on Employer Site

AuditBoard · 10 hours ago

Senior Compliance Analyst I (Poland)

United States

Full-time

Remote

Mid, Senior Level

3+ years exp

AuditBoard is a leading audit, risk, ESG, and InfoSec platform that has surpassed $300M ARR and continues to grow. The Senior Compliance Analyst will enhance the strategic pillars of a security compliance program and facilitate day-to-day compliance operations, collaborating with various teams to ensure compliance and security standards are met.

Cloud Data ServicesComplianceCustomer ServiceInformation TechnologySaaS

Growth Opportunities

Responsibilities

Participates in maintaining and evolving the compliance program framework, including designing and developing policies, standards, and procedures

Facilitates and performs 2nd Line of Defense control testing and validation

Facilitates compliance operations including User Access Reviews, Due Diligence Questionnaires, and Issues Management

Consults with cross-functional and security teams to implement policies and procedures as well as assess data privacy and security risks, to mitigate potential compliance issues

Contributes to the maintenance and continuous improvement of the overall security compliance posture of AuditBoard

Interfaces and collaborates with security and legal teams on compliance issues

Participates in security compliance assessments

Assists in providing responses to customer and vendor questionnaires

Facilitates training, awareness, and communication of security and compliance matters across AuditBoard

Participates in developing and delivering training programs on security awareness, data handling/protection, and privacy

Works globally and cross-functionally to translate compliance requirements and principles into a set of common controls and practices

Qualification

Security compliance experienceGRC concepts knowledgeCompliance automation toolingRelevant certificationsB2B SaaS experienceControl testing experienceCross-functional collaborationLearn quicklyCommunication skillsProject management skills

Required

3+ years of experience as a security compliance professional with an in-depth understanding of control objectives, procedures, compliance gap assessments, and evidence collection covering ISO 27001 / 27002, NIST CSF, NIST 800-53, CMMC / NIST 800-171, SOC1 / SOC2, FedRAMP, and common industry standards

Experience in a B2B SaaS organization

Knowledge and experience with compliance automation tooling and practices / SQL

Bachelor's degree

Ability and desire to learn new technologies and data flows quickly to help assess security risks and develop appropriate risk mitigation elements

Ability to translate and distill laws and regulatory requirements and legal advice into operational control procedures and policies and provide practical guidance to business units and functions on those requirements

Ability to collect, describe, and display technical information in a way to help decision-making

Participates in industry security organizations and associations to learn emerging trends and best practices

Experience in collaborating among cross-functional and global teams with the ability to drive and manage multiple simultaneous projects

Experience developing security and ELC controls and communicating them to business stakeholders

Excellent verbal and written communication skills

Relevant privacy and security certifications such as CISSP, CISM, CISA