We are seeking a knowledgeable and proactive Senior Compliance Analyst, with a broad base of knowledge in industry-recognized Information Security frameworks and associated regulatory and legal compliance, to join our rapidly growing (and very friendly) global Information Security & Risk department.
This role will report into the Director of Audit and Assurance. You’ll spend your time:
Operating as an internal auditor against Snyk’s integrated ISO27001, ISO27017 & SOC2 controls, with a future scope of ISO22301, FedRAMP and SOX.
Providing deputisation support to the Director of Audit and Assurance
Evaluating internal compliance against required framework controls and providing meaningful recommendations on known gaps in compliance to feed into the GRC team improvement initiatives
Communicating found gaps in controls to key stakeholders and providing effective reporting mechanisms
Promoting a culture of continuous improvement by providing training and guidance to employees on aspects of security and compliance where appropriate
Contributing significantly to the development of our Information security frameworks and continuous improvement projects by working with the GRC team to highlight any opportunities for process improvements.
Acting as an internal consultant and compliance advocate by advising the go-to-market teams on aspects of compliance and controls that can support customer and prospect supply chain review and due diligence
Supporting our Customer assurance processes with any required collation of evidence, customer-facing calls, security addendum or legal reviews and collateral reviews.
You should apply if you:
have exceptional communication and interpersonal skills and fundamentally believe in the importance of using compliance to enable business as well as protect it
are a certified internal auditor with internal auditing experience in ISO27001 and other information security & data management frameworks
have experience in implementing and maintaining successful compliance frameworks
have the ability to formulate compliance policies, procedures, and related documentation
are an individual who strives to lead organisations towards excellence in compliance
We value diversity at Snyk, and would particularly encourage applications from those who are traditionally underrepresented in tech.
If you like the sound of this role but are not totally sure whether you're the right person, please apply anyway!