Information Security Compliance Analyst

Introduction

The focus of this Information Security Compliance Analyst role position is to support the customer request management and commercial agreements process ensuring customer due diligence request are supported from information security and compliance perspective. The analyst will also be required to support ongoing information security/compliance initiatives relating to the global information security compliance program from an operational perspective. The analyst must be organized with an ability to self-manage with multiple high priority initiatives.

Job Responsibilities

•    Help support operational and process driven components of our ISO27001/SOC2/PCI information security program.
•    Help drive a program of continual service improvement to ensure ongoing maturity of the global information security program.
•    Help support the commercial agreement process by reviewing and providing feedback from a Compliance perspective, escalating risks and concerns where       necessary.
•    Coordinate, contribute and complete Requests for Proposals (RFPs), Due Diligence Questionnaires (DDQs), Security Questionnaires as well as ad-hoc questionnaires/requests for prospects and existing customers.
•    Help maintain and exand the information security and privacy customer response/knowledgebase platform to ensure all information is regularly reviewed, is up to date and relevant across the product portfolio and other related engagements.
•    Develop a strong understanding of our Software Service business, and what the products offer.
•    Ensure high quality customer facing content, contribute to complex projects individually as well as balancing priorities within the team.
•    Identify, communicate and escalate risks associated with customer proposals as well as the information security/compliance program overall.
•    Work closely with Compliance Team members, Subject Matter Experts and other stakeholders/internal customers across the business, where necessary.
•    Develop knowledge of industry trends, competitive landscape to facilitate improved customer experience.
•    Support ongoing compliance initiatives relating to the global information security compliance program.
•    Ensuring that information provided to customer is accurate and fit for purpose based on existing practices.

Knowledge and Experience

•    Experience working in an Information Security role dealing specifically with governance, risk and compliance areas is preferred.
•    Awareness of Information Security Compliance programs such as ISO27001, SOC2 & PCI.
•    Ensure that information security control requirements are met from an operational perspective.
•    The ability to identify risks, issues and vulnerabilities.
•    The ability to work proactively, pragmatically and collaboratively in a fast-paced working environment, balancing multiple concurrent activities
•    Knowledge of responding to Customer related Information Security and Privacy due diligence requests.
•    Experience working with contractual agreements within the Compliance area.
•    Strong communication skills collaborating with internal teams, enjoy collaborating across departments.
•    Calm presence under tight deadlines.
•    Self-starter, consistent performer, professional, positive attitude.
•    Excellent attention to detail.
•    Service-oriented mindset.
•    Excellent verbal & written communication skills.