Compliance Manager

Position Overview

As a Compliance Manager at Aunalytics, you will oversee and strengthen our security policies and compliance frameworks, ensuring both are aligned with industry standards and client expectations. This role requires a blend of technical expertise and strategic oversight to develop security documentation, conduct risk assessments, manage audits, and monitor our ongoing security compliance.

Essential Duties & Responsibilities:

Security and Compliance Documentation:

• Develop and maintain comprehensive documentation for security standards and compliance controls, ensuring technical accuracy and adherence to guidelines

• Create and update documentation for security measures, including firewall configurations, anti-virus settings, web filtering, and group policies

Security Reporting and Analytics:

• Generate detailed security reports and conduct analytics to assess and improve the organization's security posture

• Provide support for mandated security reporting and threat management for our cloud and internal infrastructure

Risk Management and Audit Coordination:

• Lead risk analysis exercises and generate risk assessment reports to identify vulnerabilities and implement mitigation strategies

• Coordinate and execute continuous audit activities governed by compliance frameworks and regulations, including SOC2, HIPAA, PCI, NIST, FedRAMP, and CMMC

• Manage audit fieldwork, schedule vendors, collect evidence, and support external audit processes to maintain transparency and build trust with stakeholders

Compliance Support and Continuous Improvement:

• Assist with the implementation and administration of compliance controls, particularly for FedRAMP, and manage ongoing compliance requirements

• Stay informed on IT trends and security standards to drive continuous improvement within our security practices

Vulnerability Management:

• Provide support for documenting results and risk management compliance with regulatory mandates

Required Skills:

• Bachelor's Degree in information security or related field preferred

• CISA, CRISC, CRMA, or CISSP certifications preferred

• Experience in security, audit, or compliance roles with a focus on IT compliance standards such as SOC2 Type 2, HIPAA, PCI, NIST 800-171, 800-53, CSF, FedRAMP, and CMMC

• In-depth understanding of security and compliance principles within an IT framework, especially in a managed services environment

• Strong technical writing skills, capable of producing clear and actionable security documentation and risk assessments

• Ability to investigate security events and incidents

• Excellent interpersonal and communication skills, capable of effectively engaging with internal teams, external auditors, and clients

What's in it for You?

• Opportunity to work in the booming field of cloud, data management, and analytics alongside some of the brightest minds in the industry

• Opportunity to work with cutting-edge technology in an engaging, fun environment

• Opportunity to be a part of a local company committed to making a difference in our community

• Chance to work with a rapidly expanding tech company

• Flexible schedule and paid time off

• Free snacks and an unlimited supply of coffee

• Social events such as happy hours, game nights, holiday parties, birthday celebrations, movie days, ice cream sundae bars, fancy coffee carts, company softball team, etc.

• Competitive salary and benefits package including health, vision, dental and life insurance and 401(k) plan