Senior IT Risk and Compliance Analyst

The Senior IT Risk and Compliance Analyst will help shape the Information Security Team's third-party vendor risk management program, serving as a subject matter expert for third-party vendor risk management and performing vendor risk assessments. The role will also collaborate with the procurement department and other internal stakeholders to improve and expand the vendor risk management program.

Requirements

• A bachelor's degree and 5+ years' experience include 3+ in a vendor risk related role
• Experience serving as the subject matter expert for security vendor due diligence
• Experience performing contract review of security terms
• Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etc.)
• Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts
• Strong organizational skills and the ability to multitask and switch priorities with short notice
• Strong business analysis, research and analytical skills
• Excellent communication skills

Benefits

• 100% 401k match up to 6% of salary
• Stock Ownership Potential
• Company provided life insurance - 1x salary + commission
• Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages
• Additional medical Wellness Incentives - up to $300-$600 annual
• Company-provided long- and short-term disability insurance
• Trust-Based Time Off
• 6-week Paid Sabbatical Program
• 6-Week Paid Family Caregiving Leave
• Competitive 8-24 Week Paid Parental Leave
• Adoption Assistance
• Leadership Coaching & Formal Mentorship Opportunities
• Annual Flex Stipend - $1000 annually to cover personal education & well-being expenses
• Tuition Reimbursement
• Charitable Matching Gifts program
• Dollars for Doers volunteer program
• Paid volunteering days
• 15+ Employee Resource & Affinity Groups