Compliance Analyst

Are you looking for a challenging role as a Compliance Analyst?

As a leading strategic service provider (SSP), InterVision assists IT leaders & C-Suite executives in solving the most crucial business challenges they face by solving for the right technology, deployed on the right premises, and managed through the right model to fit their unique demands and meet their long-term goals.

InterVisions mission is to transform business through the evolutionary power of technology, and we are committed to unlocking value by delivering innovative technology services through a consultative approach. Our people are the best in their field!

If you are looking for a career changing opportunity, we want to meet you!

The Compliance Analyst will provide direct support related to the corporate focus on Security and Compliance related to our Internal and External Customers. This position assists and provides guidance to the current compliance policy standards and will help drive the growth of the Compliance Program. The Compliance Analyst will maintain and grow the documentation and training for internal staff and external customers to drive the success of growing compliance regulations.

This position reports to the Cybersecurity Compliance Manager

We welcome your experience and talents to our team!

• 3+ years of progressive experience in IT Audit and/or Information Security is required.

• 3 -6 years of experience in IT Audit and/or Information Security is preferred.

• Familiarity with SOC2, HITRUST, GDPR, NIST CSF and privacy regulations is essential.

• Familiarity with best practice IT Risk Management as well as other leading security and privacy practices and principles is required.

• Strong interpersonal, writing, analytical, and communication skills.

• Ability to work individually, within a team, and with other groups.

• Ability to independently develop and draft policies and procedures.

• Ability to develop and present training materials to an audience.

• Strong Analytical reasoning and technical and/or analytic skills are required.

• In-depth knowledge of IT organization business processes and systems including IT Security, data management, architectural and planning, technology lifecycle management, regulatory issues.

Desirable Qualification:

• Bachelor's degree in a related field of equivalent years of experience

• One of more of the following certifications:

• Certified Information Systems Auditor (CISA),

• Certified Information Systems Security Professional (CISSP)

• Governance, Risk and Compliance certification (CGRC),

• Certified Risk and Information Systems Control (CRISC)

• Proficient knowledge of ServiceNow, including the ServiceNow Risk Management Module

Some of the exciting work you will deliver:

• Keep abreast of compliance and privacy changes, revise policies and standards in response to regulatory and management requirements; and communicate changes through periodic updates and compliance newsletters to team members, management and board of directors when required.

• Document policy exceptions, seek management approval, and report status to the Governance, Risk and Compliance (GRC) committee.

• Oversee the corporate privacy program, monitor evolving privacy laws, and ensure all related policies and legal documents remain current.?

• Research and respond to staff questions regarding regulatory compliance.

• Investigate compliance issues as they arise; escalate and document non-compliance to management.

• Oversee both internal and external audits and assessments, ensuring adherence to corporate policies. Address inquiries from clients and vendors. Additionally collaborate with stakeholders to draft responses to audit findings and formulate corrective action plans.

• Coordinate annual SOC 2 and HiTRUST audits, oversee audit timelines, monitor requests, coordinate with stakeholders, and verify and upload evidential data.

• Manage quarterly Testing, Training, and Exercises (TTE) audit requirements, coordinate with stakeholders and document results.

• Assist in evaluating vendors, conducting compliance assessments, reviewing contract and RFP requirements, as well as examining client contracts for privacy and information security considerations, updating policies and standards to align with contractual obligations.

• Manage, track, and report risks on risk register; periodically update risk assessments and report mitigation action status to stakeholders, management, and board members.

• Assist in establishing minimal control requirements for new and existing products to ensure compliance and security.

• Assist in evaluating software against compliance requirements and maintain Authorized Software list for organizational use.

• Review and evaluate new products to ensure they meet compliance standards as outlined in external-facing product documents.

• Periodically update BIAs, maintain Continuity of Operations Plans and oversee disaster recovery plans.

• Perform additional duties as requested or required by management.

How Do We Back Our Strong Reputation?

GREAT PLACE TO WORK:

InterVision is an AWS Premier Partner and Microsoft Azure Gold Partner with a rapidly growing team of world class AWS and Azure Solution Architects, Cloud Engineers, DevOps Specialists, Security Specialists, Network specialists, Database specialists, Big Data specialists, and ML/AI data scientists. InterVision has Architects and Engineers with many AWS, Azure, and GCP certifications. We also have Architects and Engineers with extensive edge technology and hybrid cloud experience, as well as application development experience. Our team has experience with a wide variety of AWS services, and we are increasingly growing our Azure practice so that many of our team are experts in multi-cloud environments. InterVision has many AWS competencies - Migration, DevOps, Digital Workplace, Storage, Government and Education. We do work for many different types of clients in many different business domains. Our team is widely dispersed across the US but is in constant communication using Slack and other collaboration tools, so you will immediately feel welcome and part of the team and will be able to share your experiences and learn from others. We invest in our team: All of staff have access to ongoing education and personal development.

CUSTOMER SUCCESS: When it comes to technology, our 30+ year history has guided some of the largest and most influential companies solve their problems with a broad range of innovative technologies ranging from network infrastructure to collaboration to cloud migrations.

InterVision can not only help clients refine their strategy with the right technology and the right cloud strategy, but also bring the resource models to take it to the finish line, assuring them a powerful combination of vision and capabilities.

BROAD CAPABILITIES: InterVision offers a wide range of services and solutions that organizations need to thrive in todays dynamic IT market, including a broad range of innovative solutions for datacenter and cloud transformation, IT resiliency, modern communications, remote workforce, and advanced data analytics. We are competitive at all levels of engagement.

INDUSTRY ACCOLADES: InterVision has received some of the technology industrys most prestigious awards and acknowledgements repeatedly by Gartner and Forrester plus Inc. Magazines 5000 Fastest Growing Private Companies.

TOP VENDOR CERTIFICATIONS: InterVision holds the highest certifications and partner levels with leading technology vendors, and we have teams of trained, certified engineers supporting their solutions. Here are just a few of the certifications from our list of 80+ vendors: Amazon Partner Network (APN) Premier Consulting Partner (with seven competencies), NetApp Star Partner, Cisco Gold Certification, Cisco Cloud and Managed Services Master, Juniper Elite Partner, Microsoft Gold Partner, AT&T Premier Partner, Palo Alto Networks Diamond Partner, and VMware Premier Partner to name a few.

#LI-JD1