Speed. Security. Reliability.

Policy & Compliance Analyst

ComplianceComplianceFull TimeRemoteTeam 1,001-5,000Since 2020H1B No SponsorCompany Site LinkedIn

Location

Idaho + 3 more

Posted

86 days ago

Salary

$80.8K - $103.1K / year

Bachelor Degree2 yrs expEnglishCyber Security

Job Description

• Administer the policy lifecycle, including drafting, coordinating reviews, publishing, and updating security policies. • Collaborate with Legal, IT, and Security to ensure policies align with business and regulatory requirements. • Maintain centralized documentation for audits, assessments, and regulatory reviews. • Assist in preparing and organizing policy and evidence documentation for internal and third-party audits. • Monitor regulatory developments and assist in aligning internal practices accordingly. • Assist in monitoring organizational adherence to internal policies and procedures. • Track and report on compliance and policy enforcement metrics. • Arranges, conducts and monitors compliance testing, audits, and investigations. • Provides ongoing monitoring of compliance information systems and processes. • Informs supervisor of any compliance violations. • Reviews internal systems, controls, and processes and identifies ways to resolve regulatory gaps and deficiencies. • Assists with the implementation of new and updated compliance systems, standards, processes, procedures, and policies. • Ensures compliance with all local, state, and federal laws and regulations as well as company policies, procedures and internal controls. • Support compliance initiatives across departments by providing guidance and training. • Generates analyses and reports containing results of compliance testing to management. • Develops, maintains, and delivers compliance training content and programs. • Performs other duties as required to support the business and evolving organization.

Job Requirements

Bachelor of Science (BS) in Computer Science, Information Technology, Risk Management, Legal Studies, Business, or a related field.
Minimum of two (2) years in a policy, audit, or compliance analyst role.
Strong understanding of risk frameworks such as:
o National Institute of Standards and Technology Cybersecurity Framework (NIST CSF).
o NIST Special Publication 800-171.
o International Organization for Standardization ISO 27001.
o Service Organization Control 2 (SOC 2).
o Sarbanes-Oxley Act (SOX).
Direct experience managing regulatory requirements such as:
o Payment Card Industry Data Security Standard (PCI-DSS).
o NIST guidelines.
Experience contributing to cross-functional compliance projects or initiatives.
Familiarity with Governance, Risk, and Compliance (GRC) platforms or compliance tracking systems.
Familiarity with legal hold processes, third-party risk management, and incident response documentation.
Familiarity with business continuity and incident response concepts and procedures.