Comply4d ago

Security Compliance Analyst

Yorkmid

Finance & AccountingCompliance Analyst

0 views0 saves0 applied

Apply Now

Quick Summary

Key Responsibilities

Primary responsibilities of this role include responding to due diligence questionnaires, conducting policy reviews, and ensuring adherence to ISO 27001 and SOC2 security compliance controls. Excellent communication skills in the English language.

Technical Tools

confluencejirasaas

Who Are We:

Comply is the leading provider of compliance SaaS and consulting services for the global financial services sector. With more than 5,000 clients and hundreds of employees across the globe, Comply empowers Chief Compliance Officers and their teams to proactively manage regulatory obligations, mitigate risk, and scale with efficiency and confidence.

Comply serves thousands of global financial services clients including broker-dealers, insurers, investment banks, private funds, RIAs, and wealth managers who rely on Comply offerings to power their compliance programs.

To learn more about Comply, visit comply.com

The Role:

Primary responsibilities of this role include responding to due diligence questionnaires, conducting policy reviews, and ensuring adherence to ISO 27001 and SOC2 security compliance controls.

Excellent communication skills in the English language.

Primary in responding to due diligence questionnaires from clients, partners, and regulatory bodies.

Conduct thorough reviews of existing security policies and procedures. Ensure alignment with ISO 27001 and SOC2 security controls.

Assist in the development and implementation of new security policies, procedures, and supporting artifacts.

Monitor and report on compliance status and progress; Engage cross-organizationally to collect supporting artifacts and implement new controls.

Collaborate with internal teams to address compliance-related issues and gaps.

Conduct internal and external audits related to security compliance, access reviews, firewall audits, and other required processes.

Experience using security tools such as EDR and SIEM to accomplish automating compliance activities.

Stay updated on the latest compliance requirements and industry best practices.

Provide training and support to staff on compliance-related matters via security newsletters, yearly security awareness training, and phishing exercises.

Bachelor's degree in Information Security, Computer Science, or related field.

3-5 years of experience in a security compliance, GRC, or related information security role.

Strong understanding of ISO 27001 and SOC2 compliance frameworks, as well as NIST defined standards.

Excellent written and verbal communication skills, via email and on calls.

Detail-oriented with strong analytical and problem-solving abilities.

Ability to work independently and as part of a team.

Experience using Jira, Confluence, and SharePoint for collaboration.

At least one relevant certification (e.g., CISA, CASP+, CISM, ISO 27001 Lead Auditor).