Compliance Analyst (IT/Cybersecurity) (The Compliance Navigator)
Company: Unreal Gigs
Location: San Francisco
Posted on: November 6, 2024
Job Description:
Introduction: Are you passionate about ensuring that
organizations adhere to regulatory requirements and security best
practices? Do you have the expertise to assess IT and cybersecurity
environments for compliance while keeping teams on the right side
of regulatory frameworks? If you're a detail-oriented professional
with a knack for navigating complex compliance landscapes, then our
client has the perfect opportunity for you. We're seeking a
Compliance Analyst (IT/Cybersecurity) (aka The Compliance
Navigator) to help us maintain the highest standards of regulatory
compliance and security.
Imagine being the person who ensures that
every system, process, and team within the organization complies
with industry regulations such as GDPR, HIPAA, and PCI-DSS. As the
Compliance Analyst at our client, you'll conduct audits, assess
risks, and work with cross-functional teams to ensure we're meeting
our compliance goals. This role is about more than just ticking
boxes; it's about helping the organization navigate a constantly
evolving regulatory landscape and minimizing compliance risks.
Key Responsibilities:
- Compliance Audits and Assessments: Conduct regular compliance
audits and assessments of the organization's IT and cybersecurity
environments. You'll ensure that the organization complies with
internal policies, industry standards, and regulatory frameworks
such as GDPR, HIPAA, PCI-DSS, and ISO 27001.
- Risk Assessment and Mitigation: Perform risk assessments to
identify potential compliance gaps and vulnerabilities. You'll
provide detailed reports and recommend risk mitigation strategies
to address areas of non-compliance and reduce the organization's
overall risk exposure.
- Policy Development and Enforcement: Work with IT, security, and
legal teams to develop and enforce compliance policies, procedures,
and guidelines. You'll ensure that policies are regularly updated
and aligned with the latest regulatory requirements and industry
best practices.
- Regulatory Reporting and Documentation: Maintain accurate
documentation of compliance activities, including audit findings,
risk assessments, and regulatory reporting. You'll prepare detailed
reports for management and regulatory authorities, ensuring that
all required documentation is accurate and up to date.
- Training and Awareness Programs: Develop and deliver training
programs to educate employees on compliance requirements, data
protection laws, and cybersecurity best practices. You'll help
foster a compliance-driven culture across the organization and
ensure that everyone understands their role in maintaining
compliance.
- Vendor and Third-Party Compliance Management: Assess and manage
the compliance of third-party vendors and partners, ensuring that
they meet the organization's security and regulatory standards.
You'll conduct vendor risk assessments and work with procurement
teams to ensure that third-party contracts include appropriate
compliance clauses.
- Collaboration with Legal and IT Teams: Serve as a liaison
between legal, IT, and security teams to ensure that compliance
requirements are integrated into technical systems and business
processes. You'll help ensure that compliance is maintained
throughout the organization's digital infrastructure.
Required Skills:
- Compliance Expertise: Strong understanding of IT and
cybersecurity compliance frameworks and regulations such as GDPR,
HIPAA, PCI-DSS, ISO 27001, and NIST. You know how to assess systems
for compliance and guide teams through regulatory landscapes.
- Risk Management Skills: Experience conducting risk assessments,
identifying compliance gaps, and developing risk mitigation
strategies. You're skilled at quantifying compliance risks and
recommending practical solutions.
- Audit Experience: Hands-on experience conducting internal
audits, preparing audit reports, and presenting findings to
stakeholders. You're detail-oriented and know how to assess an
environment for regulatory compliance.
- Communication and Training: Exceptional communication skills,
with the ability to explain complex compliance requirements to both
technical and non-technical stakeholders. You enjoy educating teams
and building a compliance-first culture.
- Regulatory Knowledge: Familiarity with data protection laws,
security standards, and IT regulations. You stay up-to-date with
regulatory changes and ensure that compliance policies are
regularly updated.
- Analytical and Problem-Solving Skills: Strong analytical and
problem-solving abilities, with the capacity to break down complex
compliance issues and develop effective solutions. You're proactive
in finding ways to stay compliant and mitigate risks.
- Humor: A great sense of humor, because even in the world of
compliance, we believe in fostering a work environment that is both
productive and enjoyable. If you can navigate complex regulatory
discussions while keeping the team engaged, you're our kind of
analyst.
Educational Requirements:
- Bachelor's or Master's degree in Cybersecurity, Information
Technology, Risk Management, or a related field. Equivalent
experience with a proven track record in IT or cybersecurity
compliance is also valued.
- Certifications such as Certified Information Systems Auditor
(CISA), Certified Information Systems Security Professional
(CISSP), Certified Information Privacy Professional (CIPP), or
similar are highly desirable.
Experience Requirements:
- 3+ years of experience in IT or cybersecurity compliance, with
hands-on experience conducting compliance audits and ensuring
regulatory adherence in complex IT environments.
- Proven experience working with industry-specific regulatory
frameworks (GDPR, HIPAA, PCI-DSS) and managing compliance in
industries such as finance, healthcare, or government.
- Experience assessing third-party vendors for compliance and
managing vendor risk is a plus.