Array is the litigation support partner that delivers speed, accuracy and unmatched service. Our mission: to seamlessly manage the logistics of litigation so lawyers can focus on winning their cases.

Location

Fully Remote

Salary

$70-85k

Summary

This position helps ensure that the company remains in compliance with industry regulations and certifications. This position reports to the Security Officer and works with various organizations at the company to help implement and maintain standards, policies, plans, processes, procedures, and other activities as required to meet corporate compliance and regulatory requirements. This position will manage compliance projects, track compliance activities, develop reports, track various matrices, conduct testing of internal controls, and perform internal self-assessments and audits. This position may occasionally interface with Third Party Assessment Organizations in support of external assessments and activities.

Responsibilities

Short Term (3-6 Months)

• Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence.
• Conducting third party controls evaluations to determine risk.
• Working with various internal teams or external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented.
• Responding to Array and customer questions regarding GRC topics and Array technologies and services.
• Performing other duties within the scope of governance, risk, and compliance as needed.

Long Term

• Assist in the management and coordination of the SOC II audit.
• Planning and execution of internal audits of internal systems and processes.
• Ability to manage expectations, escalate issues, and drive action items to completion are critical for this role.
• Implement industry-standard best practices for user-access control and collaborate with internal teams to manage onboarding and offboarding procedures and execution.
• Develop documentation for policies, procedures, and standards as it relates to all Array operating activities.
• Recommend process improvements to existing workflows.
• Develop, implement, maintain, and oversee enforcement of internal security policies and procedures.
• Track security incidences or gaps recognized from audits along with remediation actions taken.

Qualifications

• Relevant degree/qualifications or equivalent work experience.
• 1-2 years’ experience in a corporate environment, preferably in a risk, data privacy, audit, or project coordination role.
• Experience with SOC 2 Type 2, PCI, ISO27001, CMMC, FedRAMP or similar compliance frameworks.
• Project management experience.
• General knowledge of IT systems, DevOps, IT security, AWS/Azure, GRC tools.
• Strong attention to detail with an analytical mind and great problem-solving skills.
• Exceptional verbal and written communication skills to interact with internal and external teams, including executive leadership.
• Excellent analytical and critical thinking abilities.
• Demonstrated detail-orientation with strong organizational skills, including the ability to self-manage time and tasks.
• Ability to learn complex concepts and subjects under a variety of conditions including formal and informal training as well as on the job coaching and through trial and error; participates in self-study and active learning with the goal of becoming a product subject matter expert.
• Ability to multi-task and handle shifting priorities.
• Strong interpersonal skills with an ability to develop productive working relationships.