The Compliance Analyst position is a senior level position that requires experience in defining, documenting and managing Compliance assessments, audits, risks bringing exceptional business related judgement.
The successful candidate shall have knowledge of compliance standards, as well as, experience managing audits and assessments, and technical knowledge sufficient to support Data Center and cloud hosted environments discussions.
Analyzes and evaluates Compliance risks and provides appropriate mitigation strategies.
Partners with technical leads in analyzing findings and the development of remediation plans, procedures, and standards.
Responds to client questions and provides reports as necessary.What you’ll be doing: Develop and use techniques, process, procedures, and utilities to manage assessments and audits through Blackbaud’s evidence repository Work with both internal and external resources to conduct assessments and audits, address gaps, and ensure compliance with regulatory and industry requirements Act as ‘subject matter expert’ (SME) to other internal customers and departments in the area of Compliance Identifies and conducts Compliance pre-assessments, identifies findings, mitigating controls, and presents assessment reports to management and key stakeholders Provides consultation, guidance, and input to the design, implementation, and operation of appropriate technical, physical, and administrative controls to ensure the protection and compliance of the company’s sensitive information systems Ensure newly identified software designs or acquisition software are adhering to Compliance requirements Work with Security Operations, Security Engineering, Risk Mgt.
to facilitate assessments and audits Communicate and provide regular updates to Management Project Manage smaller assessment efforts when the Sr.
Project Manager is not available Manage the customer and pre-sales request process for SOC/PCI/HIPAA, delivering reports as necessary to our customers Provide pre and post assessment lessons learned, gathering information from the current assessments and provide on-going list of improvements Create and maintain high-quality documentation which summarizes and explains all relevant newly published requirements from the PCI Council and the AICPAWhat you want to have: College degree in Computer Information Systems, Computer Science, Information Security, or equivalent professional experience 5 years progressively responsible experience in Compliance A combination of experience, education, and training which substantially demonstrates the following knowledge, skills, and abilities: Mid-level knowledge of PCI-DSS and SOC standards Experience with GRC (governance, risk, and compliance) system management where the Compliance Analyst should possess knowledge of the following concepts, skills and technologies: Applications, network architecture, multiple platforms and new technologies from a security perspective to include, but not limited to, Firewalls; Intrusion Detection/Protection Systems; Operating Systems (UNIX, Windows); Networking (switches, routers, protocols, etc.); Network Services and Security Vulnerabilities; Network Architecture; Serverless platforms; Remote Access; Multi-factor Authentication; Platform Security (Application, Database, OS); Antivirus; Cryptography; Active Directory; and high-level programming languagesLI-REMOTEStay up to date on everything Blackbaud, follow us on Linkedin, Twitter, Instagram, Facebook and YouTubeBlackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.
Associated topics: business, company, compliance, compliance office, corporate attorney, court, courtroom, internal, legal department, llp