Senior Compliance Analyst

Job not on LinkedIn

July 21

🏄 California – Remote

Although this job is listed in California, this company may be open to hiring remote in other states.

⏰ Full Time

🟠 Senior

🚔 Compliance

Apply Now

Receive Emails with Similar Jobs

NetCraftsmen, now BlueAlly

WebsiteLinkedInAll Job Openings

NetCraftsmen, was acquired by BlueAlly in March 2022. At BlueAlly, our mission is to make technology more accessible, more certain, and more impactful for every organization.

51 - 200 employees

📋 Description

• BlueAlly is seeking a Senior Compliance Analyst to join our team who will work closely with our IT and security functions. • You'll be focused on handling the execution of tasks for the GRC Program within BlueAlly, leading multiple compliance initiatives including SOC 1, SOC 2, ISO frameworks, and sustainability standards. • You will ensure timely delivery of high-quality compliance deliverables and actively contribute to process optimization and improvement initiatives. • This role requires understanding of multiple compliance frameworks, information security practices, and experience working with technology teams. • Lead the organization's comprehensive compliance program, including SOC 1, SOC 2, ISO 27001, ISO 9001, O-TTPS, and NetZero 2040 initiatives • Develop and maintain an integrated compliance program that efficiently addresses requirements across multiple standards • Design, implement, monitor, and maintain controls across multiple frameworks while collaborating with internal business partners • Maintain BlueAlly's compliance data and evidence within the organization's GRC tool • Answer and manage security questionnaires and Third-Party Risk Management (TPRM) assessments from customers and prospects • Maintain and update data in the knowledge base to ensure accurate and current security documentation • Maintain the company's Trust Center, including keeping all information current and upto-date and reviewing and approving access requests • Conduct regular compliance audits and assessments to evaluate the effectiveness of internal controls and identify areas for improvement • Lead and handle all stages of compliance audits, ensuring successful completion across all frameworks • Act as the main point of contact for external auditors during compliance reviews and certification renewals • Collaborate with internal teams (IT, security, and legal) to ensure alignment between business operations and regulatory requirements • Prepare detailed reports and dashboards to track compliance status and performance metrics • Create and maintain documentation for all compliance programs • Monitor changes to laws, regulations, and standards that impact compliance programs and ensure timely updates to policies and procedures

🎯 Requirements

• You have 3+ years of experience in compliance and security, with demonstrated experience in at least 2 of the following frameworks: SOC 1 SOC 2 ISO 27001 Information Security Management Systems ISO 9001 Quality Management Systems O-TTPS implementation and maintenance Environmental sustainability programs, preferably NetZero 2040 • Experience with security questionnaire management and TPRM processes is highly desired • Demonstrated ability to maintain accurate compliance data and evidence repositories within GRC platforms is highly desired • Prior experience successfully leading compliance audits is highly desired • You are a strong collaborator, with experience working on teams composed of both technical and non-technical members • You have a demonstrated ability to lead large-scale compliance projects, problem-solve, multitask, and have excellent organizational skills with strong attention to detail • You can navigate ambiguity and bring clarity to complex compliance requirements and processes • You have excellent written and verbal communication skills, with experience presenting to key stakeholders and partnering with internal collaborators and external auditors • You thrive in a fast-paced environment • CISA, CISM, CISSP, ISO Lead Auditor certifications, or other related certifications are preferred