Sr. Technology Compliance Analyst

About The Position

Requirements

• 2+ years of experience at a tech company
• 2+ years of project management experience
• Proficient in Google Suite and Microsoft Excel
• Excellent written and verbal communication skills
• Strong organizational and time management skills
• Ability to understand and handle complex work
• Ability to function independently with limited direction

Nice To Haves

• Prior experience in internal audit is preferred

Responsibilities

• Assist with the assessment of audit requests against company-defined IT controls for various compliance frameworks such as SOX, SOC 2, and ISO/IEC 27001:2022.
• Gather and document evidence to support audit requests using various systems such as GCP, GitLab, JIRA, Fresh Service, etc.
• Present evidence to the Technology Compliance Director for evaluation
• Submit approved audit evidence to relevant stakeholders, both internally and externally
• Assist with facilitating the quarterly User Access Review process using both manual and automated processes.
• Serve as a point of contact to facilitate communication between teams.
• Ensure accountability by tracking progress and coordinating with team members on outstanding items.
• Contact and conduct a thorough and structured review of each vendor's SOC report (the specific type of report––SOC 1 or SOC 2 will be determined based on the company's requirement).
• Utilize the internal assessment review form to systematically document and evaluate the controls, security practices, and overall compliance of the vendor.
• Analyze the SOC report to identify any exceptions, control deficiencies, or areas of non-compliance. Document these findings clearly and concisely on the assessment form.
• Report the key findings and identified exceptions to relevant internal stakeholders.
• Assist in identifying, documenting, and monitoring any gaps in compliance. Recommend process enhancements ahead of future audits.