Full-Time Senior Compliance Analyst

• Lead the organization's comprehensive compliance program, including SOC 1, SOC 2, ISO 27001, ISO 9001, O-TTPS, and NetZero 2040 initiatives
• Develop and maintain an integrated compliance program that efficiently addresses requirements across multiple standards
• Design, implement, monitor, and maintain controls across multiple frameworks while collaborating with internal business partners
• Maintain BlueAlly's compliance data and evidence within the organization's GRC tool
• Answer and manage security questionnaires and Third-Party Risk Management (TPRM) assessments from customers and prospects
• Maintain and update data in the knowledge base to ensure accurate and current security documentation
• Maintain the company's Trust Center, including keeping all information current and up-to-date and reviewing and approving access requests
• Conduct regular compliance audits and assessments to evaluate the effectiveness of internal controls and identify areas for improvement
• Lead and handle all stages of compliance audits, ensuring successful completion across all frameworks
• Act as the main point of contact for external auditors during compliance reviews and certification renewals
• Collaborate with internal teams (IT, security, and legal) to ensure alignment between business operations and regulatory requirements
• Prepare detailed reports and dashboards to track compliance status and performance metrics
• Create and maintain documentation for all compliance programs
• Monitor changes to laws, regulations, and standards that impact compliance programs and ensure timely updates to policies and procedures

• 3+ years of experience in compliance and security, with demonstrated experience in at least 2 of the following frameworks: SOC 1, SOC 2, ISO 27001 Information Security Management Systems, ISO 9001 Quality Management Systems, O-TTPS implementation and maintenance, Environmental sustainability programs, preferably NetZero 2040
• Experience with security questionnaire management and TPRM processes is highly desired
• Demonstrated ability to maintain accurate compliance data and evidence repositories within GRC platforms is highly desired
• Prior experience successfully leading compliance audits is highly desired
• A strong collaborator, with experience working on teams composed of both technical and non-technical members
• Demonstrated ability to lead large-scale compliance projects, problem-solve, multitask, and have excellent organizational skills with strong attention to detail
• Ability to navigate ambiguity and bring clarity to complex compliance requirements and processes
• Excellent written and verbal communication skills, with experience presenting to key stakeholders and partnering with internal collaborators and external auditors
• Ability to thrive in a fast-paced environment
• CISA, CISM, CISSP, ISO Lead Auditor certifications, or other related certifications are preferred

What is the last date for applying to the job?

Which countries are accepted for this remote job?