Compliance Analyst
About The Position
The Compliance Analyst (CA) at ampliFI Loyalty Solutions is responsible for supporting and executing the company’s compliance programs. Reporting to the Compliance Manager, the CA works closely with the Risk & Security team as well as all business units, including Technology, Operations, Product, and others. Under the guidance of the Compliance Manager, the CA assists with industry and client audits, internal assessments, and compliance requests, including but not limited to SOC, PCI, and Privacy. The role also involves supporting risk identification and management across the company. Additionally, the CA may assist with information security initiatives to protect both ampliFI and customer data. While the Compliance team’s focus is on compliance responsibilities, opportunities may exist to contribute to broader security platforms and initiatives.
Requirements
- Bachelor’s degree in Compliance, Audit, Cybersecurity, Information Security, Information Technology, Computer Science, or a related field, or equivalent professional experience
- Minimum of 2 years of experience in compliance, audit, security, or risk management
- Understanding of privacy regulations (e.g., CCPA, GDPR)
- Competency in supporting audit and compliance processes
- Strong organizational and time-management skills
- Ability to create and maintain policies, procedures, and documentation
Nice To Haves
- Hands-on experience with SOC, PCI DSS, or other audit/compliance frameworks
- Exposure to risk and security frameworks such as NIST CSF, NIST RMF, or ISO 27001
- Experience supporting third-party assessments or client compliance requests
- Familiarity with business continuity or incident response planning and testing
- Experience collaborating across cross-functional teams in a technical environment
Responsibilities
- Support and assist with SOC audits including SOC 1 Type II and SOC 2 Type II with all Trust Service Criteria
- Support PCI DSS assessments as a Level 1 Service Provider
- Support privacy readiness efforts aligned with U.S., state, and international regulations (e.g., CCPA, GDPR), including data breach response preparedness
- Assist with Governance, Risk, and Compliance (GRC) program activities, including monitoring control effectiveness and remediation tracking
- Maintain and update policies, standards, and procedures
- Support client third-party management requests and assessments
- Assist with vendor risk management and other compliance-related initiatives as directed
- Support security initiatives as needed across the Risk & Security team
- Assist in monitoring, reporting, and documentation of security systems and controls
- Monitor remediation activities related to penetration testing and application security assessments
- Participate in incident response for privacy and data subject requests
- Prepare compliance and risk reports for management and clients
- Assist in handling audit inquiries and evidence collection
- Support Business Continuity and Disaster Recovery (BCDR) testing
- Perform additional duties as assigned
Benefits
- Competitive pay plus 401(k) with employer match
- Medical, dental, vision, and life insurance
- Voluntary café plans, including voluntary life, accident, hospital, critical care, and parking/transit options
- Tuition Reimbursement
- Paid time off, company holidays, and parental leave
- Employee Assistance Program
- Hybrid work environment with flexible hours
- Onsite perks including gym access and snacks
- Employee recognition programs celebrating milestones and achievements
- Growth opportunities within a supportive, team-oriented environment
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
