Compliance/ Audit Analyst - Remote

The Analyst- Compliance at Syndigo is responsible for managing compliance on Information Security controls. Review and propose changes to existing policies, procedures and controls based on a risk-based approach to ensure compliance with latest information security policies, regulations, and standards. Coordinate to conduct internal and external audits for ISO 27001 & SOC 2 Type 2 frameworks. Coordinate for timely remediation of non-conformities identified from audits and vulnerabilities identified from penetration tests. Engage with prospects, customers, and partners in meetings/calls, completion of security questionnaires, assessments, and audits. Perform work responding to RFPs. 

Reporting to Syndigo’s Senior Manager-Information Security- Compliance, this candidate can work from home, Bangalore local candidates preferred.

Responsibilities:

• Review and propose changes to existing policies, procedures and controls based on a risk-based approach to ensure compliance with latest information security policies, regulations, and standards.
• Seek input on emerging threats that warrant additional controls. Communicate updates to tech and business owners.
• Monitor and manage compliance of Syndigo’s information security controls.
• Coordinate internal and external security assessments and audits.
• Coordinate timely remediation of security incidents and/or non-conformances.
• Engage with prospects, customers, and partners in meetings/calls, completion of security questionnaires, assessments, and audits.
• Review and propose changes to existing policies, procedures and controls based on a risk-based approach to ensure compliance with latest information security policies, regulations, and standards.
• Seek input on emerging threats that warrant additional controls. Communicate updates to tech and business owners.
• Keep up to date with IT infrastructure and Information security technologies.

Experience:

• 2 years + experience with one or more of the following: SOC 2, NIST, ISO 27001 Series, PCI DSS, HIPAA etc.
• Good knowledge of regulations governing personal data and other regulatory compliance frameworks like GDPR and CCPA
• Experienced in internal and external audits for SOC2, ISO 27001, HIPAA, PCI DSS
• Experience with building and maintaining relationships across all levels and functional areas.
• Expertise in SaaS application operations and identity management
• Strong technical knowledge and hands-on experience of IT infrastructure, Cloud Security and security technologies
• Proven experience working with third-party consultants and auditors.
• Experience with participating in customer and prospect calls related to security & compliance topics including making presentations.

#LI_Remote