Compliance Analyst

November 26

Apply Now

Receive Emails with Similar Jobs

Cresta

WebsiteLinkedInAll Job Openings

SaaS • Artificial Intelligence • Enterprise

Cresta is an enterprise-grade AI platform that focuses on enhancing contact center operations. By employing a unified platform for human and virtual agents, Cresta aims to improve customer experience, increase revenue, and reduce costs. The platform integrates AI to assist with sales, customer care, retention, and collections, providing real-time guidance and insights. Cresta's AI capabilities include conversation intelligence, agent assistance, quality management, and virtual agents. With a focus on automation and augmentation, Cresta seeks to transform workflows and customer interactions across various industries, including telecommunications, finance, and retail.

51 - 200 employees

☁️ SaaS

🤖 Artificial Intelligence

🏢 Enterprise

📋 Description

• Lead and manage all customer-facing security conversations, partnering cross-functionally to ensure timely resolution of issues and seamless execution of the security review lifecycle within sales deals. • Perform risk assessments to identify gaps, come up with recommendations, and drive the gaps to remediation. • Streamline and lead SOC 2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX and HIPAA audit processes. • Perform internal audits and keep the necessary documentation updated as required for audits. • Perform gap assessments against new regions and target industry markets to comply with compliance regulations as the company expands. • Conduct new-hire and annual security awareness training to educate personnel and re-iterate security and compliance requirements. • Oversee and continuously improve the vendor risk management framework, ensuring effective identification, assessment, and mitigation of third-party risks. • Establish metrics to track compliance program effectiveness and to report risk. • Interface with both technical (Engineering/Product) and non-technical (Sales/Marketing/Customer Success) teams. • Respond to customer RFIs, questions, audits and technical documentation requests. • Help build our common control framework and drive adoption of the framework within the organization. • Build and automate processes to achieve continuous compliance over the technology control environment. • Assist with sales and marketing materials representing product security and compliance.

🎯 Requirements

• 4+ years of experience in security governance, IT audit, or security compliance management • 3+ years of program management, with experience in affecting technology decisions • End-to-end experience going through SOC 2 Type II, HITRUST, HIPAA, TISAX, ISO 27001/27701/42001, FedRAMP, and PCI-DSS external audits • Experience in a hands-on technical role, with basic understanding of software implementation and integration • Experience with cloud environments on AWS, GCP, Azure • A track record of building relationships and credibility with business leads, external partners, and regulators through collaborative and independent programs • Experience managing competing efforts and requirements • Experience with fast-growing cloud native SaaS start-ups

🏖️ Benefits

• Comprehensive medical, dental, and vision coverage with plans to fit you and your family • Flexible PTO to take the time you need, when you need it • Paid parental leave for all new parents welcoming a new child • Retirement savings plan to help you plan for the future • Remote work setup budget to help you create a productive home office • Monthly wellness and communication stipend to keep you connected and balanced • In-office meal program and commuter benefits provided for onsite employees