Compliance Analyst

About The Position

Requirements

• 2-3 Years of relevant experience across multiple security domains including policy, risk and compliance.
• Working knowledge of security, governance, compliance, and privacy standards and frameworks such as SOC 2, PCI DSS, NIST, StateRAMP/TX-RAMP/GovRAMP, OWASP, CCPA, and/or GDPR.
• Experience supporting compliance certification programs.
• Proven ability to conduct in-depth analysis of issues pertaining to information security, data protection and internal controls and evaluate multiple factors to solve complex problems.
• Basic understanding of IT systems, security controls & Cloud environments.
• Self-motivated with the ability to work independently and manage time effectively with limited direction.
• Methodical and diligent with outstanding planning abilities and a high attention to detail.
• Outstanding communication and interpersonal abilities.

Responsibilities

• Security Compliance & Privacy Program Execution: Support the Security Compliance Lead in executing Euna Solutions security compliance program, helping to ensure a successful outcome to annual SOC 2, PCI DSS, and NIST-based (e.g., TXRAMP) compliance audits.
• Continuous Monitoring and Internal Audits: Develop testing procedures and collect evidence for continuous monitoring, quarterly access reviews, and internal reviews of department and system compliance in support of SOC 2, PCI DSS, and TXRAMP requirements.
• Customer Security Questionnaires, RFP & Contract Reviews: Intake and completion of Customer Security Questionnaires, ensuring timely completion to support Sales activities.
• Vendor Management: Perform third-party vendor due diligence assessments, ensuring current and proposed vendors are aligned with Euna Solutions' compliance and privacy requirements.
• Security Awareness Training Monitoring: Track security awareness training and campaigns, ensuring employees remain compliant with company security and compliance training requirements.
• Risk Tracking: Maintain an active risk register, working with the Security Compliance Lead and departmental leadership to track remediation activities.
• Business Continuity & Disaster Recovery Compliance Monitoring: Track compliance with BCP and DR plans, ensuring they are adequate and properly tested to meet customer and compliance requirements.
• Security Metrics Generation: Periodically perform an analysis and reporting of information security program metrics. Create dashboards and trends to indicate our progress over time towards are more secure company.

Benefits

• Competitive wages
• Wellness days
• Community Engagement Committee
• Flexible workday
• Benefits
• Culture committee