Remote Compliance Analyst (IT/Cybersecurity) (The Compliance Navigator)

Description:

• The Compliance Analyst (IT/Cybersecurity) at our client will be responsible for conducting compliance audits and assessments of the organization's IT and cybersecurity environments to ensure adherence to internal policies, industry standards, and regulatory frameworks such as GDPR, HIPAA, PCI-DSS, and ISO 27001.
• They will perform risk assessments to identify compliance gaps, develop risk mitigation strategies, and provide detailed reports to reduce the organization's overall risk exposure.
• The role involves working with cross-functional teams to develop and enforce compliance policies, procedures, and guidelines, ensuring alignment with the latest regulatory requirements and industry best practices.
• The Compliance Analyst will maintain accurate documentation of compliance activities, prepare detailed reports for management and regulatory authorities, and develop training programs to educate employees on compliance requirements, data protection laws, and cybersecurity best practices.
• They will also assess and manage the compliance of third-party vendors and partners, collaborate with legal and IT teams to integrate compliance requirements into technical systems and business processes, and help foster a compliance-driven culture across the organization.

Requirements:

• Compliance Expertise: Strong understanding of IT and cybersecurity compliance frameworks and regulations such as GDPR, HIPAA, PCI-DSS, ISO 27001, and NIST. Ability to guide teams through regulatory landscapes.
• Risk Management Skills: Experience in conducting risk assessments, identifying compliance gaps, and developing risk mitigation strategies.
• Audit Experience: Hands-on experience in conducting internal audits, preparing audit reports, and presenting findings to stakeholders.
• Communication and Training: Exceptional communication skills to explain complex compliance requirements to technical and non-technical stakeholders.
• Regulatory Knowledge: Familiarity with data protection laws, security standards, and IT regulations.
• Analytical and Problem-Solving Skills: Strong analytical and problem-solving abilities to develop effective compliance solutions.
• Humor: A great sense of humor to navigate complex regulatory discussions and foster a productive work environment.

Educational Requirements:

• Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Risk Management, or related field. Relevant certifications such as CISA, CISSP, CIPP are highly desirable.

Experience Requirements:

• 3+ years of experience in IT or cybersecurity compliance, including conducting audits and ensuring regulatory adherence.
• Experience with industry-specific regulatory frameworks (GDPR, HIPAA, PCI-DSS) and managing compliance in finance, healthcare, or government sectors.
• Experience in assessing third-party vendors for compliance and managing vendor risk is a plus.

Benefits:

• Comprehensive health and wellness benefits including medical, dental, and vision insurance.
• Competitive paid time off with vacation, sick leave, and 20 paid holidays per year.
• Flexible work schedules and telecommuting options for work-life balance.
• Opportunities for professional development, training, and career advancement.
• Access to wellness programs, gym memberships, health screenings, and mental health resources.
• Life and disability insurance coverage.
• Employee Assistance Program for counseling and support services.
• Tuition reimbursement for continuing education.
• Community engagement and volunteer opportunities.
• Recognition programs to celebrate achievements and milestones.