Sr Analyst - Global Compliance and Certification (Product Compliance)

About The Position

Requirements

• 4+ years of experience in IT audit or internal controls, managing global compliance assessments in a complex environment with a strong focus on cloud/SaaS platforms.
• Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, PCI, HITRUST, SOX and FedRAMP, etc.
• Strong program and stakeholder management experience, including cross-functional leadership in a highly collaborative environment.
• Experience with compliance tooling, control testing automation, or audit workflow platforms and processes
• Technical knowledge and understanding of different hyperscaler environments such as AWS.
• Strong Analytical and problem solving skills with the ability to assess risks and recommend solutions.
• Detail oriented with strong organizational and documentation skills.
• Ability to solve unique, complex and often ambiguous problems with broad impact on the business
• Conceptual and innovative thinking to develop and implement solutions
• Ability to work independently and collaboratively in a fast paced regulatory environment.
• Identify risk in processes and environments, and strategies to mitigate the risk.

Nice To Haves

• Certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK) are a plus

Responsibilities

• Serve as cloud compliance subject matter experts, supporting internal and external audits by ensuring effective control implementation while driving efficiency through deep process knowledge
• Act as the primary liaison between external audit requests and engineering. Be able to lead walkthroughs with external assessors as needed.
• Lead Audit execution and supporting evidence focused on Salesforce environments, ensuring alignment with ISO 27001, SOC 1/2, and other regulatory frameworks.
• Partner with cross-functional teams to execute audit recommendations and strengthen compliance preparedness.
• Partner with Engineering teams to translate complex compliance frameworks and regulatory mandates into clear, actionable engineering deliverables, ensuring alignment across teams.
• Collaborate with cross-functional partners to operationalize audit recommendations and enhance compliance posture.
• Identify opportunities to streamline and automate evidence collection, driving operational efficiency and continuous improvement.
• Document detailed playbooks on processes and domains that can be leveraged for assessments.
• Proactively manage compliance risk by driving timely remediation with engineering partners and delivering clear leadership reporting on remediation progress and residual risk.

Benefits

• time off programs
• medical
• dental
• vision
• mental health support
• paid parental leave
• life and disability insurance
• 401(k)
• employee stock purchasing program