200+ applicants

Company

Original Job Post

InterVision Systems · 1 week ago

Compliance Analyst

United States

Full-time

Remote

Mid Level

3+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ComputerElectronics

H1B Sponsorship

Hiring Manager

Jonathan Dalupan

Insider Connection @InterVision Systems

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Keep abreast of compliance and privacy changes, revise policies and standards in response to regulatory and management requirements; and communicate changes through periodic updates and compliance newsletters to team members, management, and board of directors when required.

Document policy exceptions, seek management approval, and report status to the Governance, Risk and Compliance (GRC) committee.

Oversee the corporate privacy program, monitor evolving privacy laws, and ensure all related policies and legal documents remain current.

Research and respond to staff questions regarding regulatory compliance.

Investigate compliance issues as they arise; escalate and document non-compliance to management.

Oversee both internal and external audits and assessments, ensuring adherence to corporate policies. Address inquiries from clients and vendors. Additionally collaborate with stakeholders to draft responses to audit findings and formulate corrective action plans.

Coordinate annual SOC 2 and HiTRUST audits, oversee audit timelines, monitor requests, coordinate with stakeholders, and verify and upload evidential data.

Manage quarterly Testing, Training, and Exercises (TTE) audit requirements, coordinate with stakeholders and document results.

Assist in evaluating vendors, conducting compliance assessments, reviewing contract and RFP requirements, as well as examining client contracts for privacy and information security considerations, updating policies and standards to align with contractual obligations.

Manage, track, and report risks on risk register; periodically update risk assessments and report mitigation action status to stakeholders, management, and board members.

Assist in establishing minimal control requirements for new and existing products to ensure compliance and security.

Assist in evaluating software against compliance requirements and maintain Authorized Software list for organizational use.

Review and evaluate new products to ensure they meet compliance standards as outlined in external-facing product documents.

Periodically update BIAs, maintain Continuity of Operations Plans and oversee disaster recovery plans.

Perform additional duties as requested or required by management.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

IT AuditInformation SecuritySOC2HITRUSTGDPRNIST CSFPrivacy regulationsIT Risk ManagementSecurity practicesPrivacy practicesProcedures developmentTraining materials developmentAnalytical reasoningIT organization business processesIT SecurityData managementArchitectural planningTechnology lifecycle managementRegulatory issuesServiceNowServiceNow Risk Management ModuleCertified Information Systems Auditor (CISA)Certified Information Systems Security Professional (CISSP)Governance RiskCompliance certification (CGRC)Certified RiskInformation Systems Control (CRISC)InterpersonalCommunicationAnalytical

Required

3+ years of progressive experience in IT Audit and/or Information Security is required.

Familiarity with SOC2, HITRUST, GDPR, NIST CSF and privacy regulations is essential.

Familiarity with best practice IT Risk Management as well as other leading security and privacy practices and principles is required.

Strong interpersonal, writing, analytical, and communication skills.

Ability to work individually, within a team, and with other groups.

Ability to independently develop and draft policies and procedures.

Ability to develop and present training materials to an audience.

Strong Analytical reasoning and technical and/or analytic skills are required.

In-depth knowledge of IT organization business processes and systems including IT Security, data management, architectural and planning, technology lifecycle management, regulatory issues.

Proficient knowledge of ServiceNow, including the ServiceNow Risk Management Module

TWO or more of the following certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Governance, Risk and Compliance certification (CGRC), Certified Risk and Information Systems Control (CRISC)

Preferred

3 -6 years of experience in IT Audit and/or Information Security is preferred.

Bachelor's degree in a related field of equivalent years of experience

Company

InterVision Systems

InterVision Systems, LLC is a leading integrator of technology solutions.

Founded in 1993

Santa Clara, California, USA

501-1,000 employees

http://www.intervision.com

H1B Sponsorship

InterVision Systems has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2022 (1)