Information Security Compliance Analyst

We are seeking a highly skilled and experienced Compliance Analyst to join our organization. As the Compliance Analyst, you will be responsible for managing our compliance program, ensuring adherence to applicable regulatory requirements, industry standards, and internal policies. You will play a pivotal role in developing and implementing compliance frameworks, managing compliance projects, and providing guidance to cross-functional teams. Reporting to the Senior Information Security Compliance Lead, you will contribute to the overall success of our organization by maintaining a culture of compliance and integrity.

Responsibilities:

• Ensure adherence to all organizational compliance frameworks, regulations, and security guidelines.

• Provide guidance and support in implementing controls and processes, promoting a culture of compliance throughout the organization.

• Coordinate internal and external audits, serving as the primary point of contact and ensuring timely and accurate responses to audit requests.

• Work closely with team members to ensure timely delivery of evidence requirements for compliance purposes.

• Participate in both internal and external audits, answering questions, and showcasing the controls in place to meet compliance obligations.

• Assist in implementing and using LogicGate as the organization's system of truth for GRC-related controls.

• Collaborate with cross-functional teams, such as IT, legal, and Finance, to develop and maintain effective compliance programs aligned with various compliance frameworks and security guidelines.

• Identify and assess compliance risks and develop strategies to mitigate them in line with applicable compliance frameworks and security guidelines.

• Conduct regular reviews and evaluations of compliance controls, processes, and procedures to identify areas for improvement and ensure alignment with relevant compliance frameworks and security guidelines.

• Stay up to date with regulatory changes, industry best practices, and evolving compliance requirements to ensure the organization's compliance strategies are current and effective.

Potential Qualifications:

• Proven experience working in a compliance or GRC role, preferably within a similar industry, with knowledge of various compliance frameworks and security guidelines.

• Strong understanding of compliance frameworks, regulations, and security guidelines, including awareness of relevant laws and regulations such as Sarbanes-Oxley, NIST 800-171, ISO 27001, CMMC, Cyber Essentials, and Service Organizational Control.

• Excellent organizational and time management skills with the ability to manage multiple tasks simultaneously and meet deadlines.

• Strong analytical and problem-solving abilities

• Effective communication skills, both written and verbal, with the ability to communicate complex compliance concepts to diverse stakeholders.

• Demonstrated ability to work collaboratively in a team environment and build positive working relationships with colleagues at all levels.

• Proactive mindset with a continuous improvement approach to compliance programs and security guidelines.

• High level of integrity and ethics, maintaining confidentiality and professionalism in handling sensitive information.