COMPLY
Website:
comply.com
Job details:
About Comply:
Comply is a global leader in regulatory compliance software for financial services, offering a scalable SaaS platform backed by expert consulting. Serving thousands of firms worldwide, Comply empowers broker-dealers, investment banks, RIAs, and more to manage compliance effectively. At Comply India, engineers build impactful, client-focused solutions using AI and emerging technologies, with strong ownership and growth opportunities.
Compliance Analyst:
COMPLY is seeking a Compliance Analyst to help maintain its security compliance program. This dynamic and essential role focuses on ensuring the organization's compliance with established security standards and regulatory requirements. The analyst will also be the primary responder to due diligence questionnaires from COMPLY’s customers. As a security compliance specialist, you will play a critical part in safeguarding the enterprise's operations by responding to due diligence requests, managing policy reviews, and upholding ISO 27001 and SOC2 controls. Your expertise will be instrumental in fostering a culture of security and compliance across teams while addressing evolving industry demands.
Job Summary:
Primary responsibilities of this role include responding to due diligence questionnaires, conducting policy reviews, and ensuring adherence to ISO 27001 and SOC2 security compliance controls.
Key Responsibilities:
- Excellent communication skills in the English language.
- Serve as the primary responder to due diligence questionnaires from clients, partners, and regulatory bodies.
- Conduct thorough reviews of existing security policies and procedures. Ensure alignment with ISO 27001 and SOC2 security controls.
- Assist in the development and implementation of new security policies, procedures, and supporting artifacts.
- Monitor and report on compliance status and progress; engage cross-organizationally to collect supporting artifacts and implement new controls.
- Collaborate with internal teams to address compliance-related issues and gaps.
- Conduct internal and external audits related to security compliance, access reviews, firewall audits, and other required processes.
- Experience using security tools such as EDR and SIEM to automate compliance activities.
- Stay updated on the latest compliance requirements and industry best practices.
- Provide training and support to staff on compliance-related matters via security newsletters, yearly security awareness training, and phishing exercises.
Qualifications:
- Bachelor's degree in Information Security, Computer Science, or related field.
- 3-5 years of experience in a security compliance, GRC, or related information security role.
- Strong understanding of ISO 27001 and SOC2 compliance frameworks, as well as NIST-defined standards.
- Excellent written and verbal communication skills, via email and on calls.
- Detail-oriented with strong analytical and problem-solving abilities.
- Ability to work independently and as part of a team.
- Experience using Jira, Confluence, and SharePoint for collaboration.
- At least one relevant certification (e.g., CISA, CASP+, CISM, ISO 27001 Lead Auditor).
Preferred Skills:
- Experience with GRC tools and software, such as Drata or Vanta.
- Familiarity with US and EU/UK security and privacy regulations (e.g., GDPR, CCPA, EU DORA).
- Strong organizational and project management skills.