What are the responsibilities and job description for the Senior Compliance Analyst position at HID?
We are seeking a detail-oriented and proactive Senior Compliance Analyst to join our team. This role is crucial in ensuring our operations adhere to all relevant regulations and internal policies. The ideal candidate is a coachable self-starter, results-oriented, with strong technical expertise and excellent communication skills. They should be a team player with robust partnership skills, committed to our customers' success, and passionate about providing a world-class user experience.
Duties and Responsibilities include the following. Other duties may be assigned.
Senior Member of the IdenTrust Compliance Team:
- Audit Compliance Owner: Ensure readiness for external audits by conducting regularly scheduled internal compliance audits.
- Operational Reviews: Ensure all operational practices comply with established policies, legal and contractual obligations, and meet or exceed industry best practices.
- Documentation Management: Create and maintain compliance-related documentation.
- System Security Plan Support: Maintain the organization’s System Security Plan and supporting process documentation.
- Awareness Training: Support security and compliance-related awareness training annually, as requested by the CIO or Compliance Manager.
- Document Review: Conduct semi-annual reviews to ensure all operational documentation is complete and up to date; assist document owners in drafting and maintaining essential policy and procedure documentation.
- Risk Assessment: Support annual risk assessment reviews to identify potential threats to the organization’s operations and security; recommend readiness or remediation activities.
- Client and Audit Liaison: Serve as the point of contact for clients and best-practices compliance audits for compliance, privacy, and overall operations.
- Technical Activities: Participate in technical activities requiring multi-person control, as needed.
- Business Continuity Planning: Support the maintenance of an effective Business Continuity Planning (BCP) program.
- Disaster Recovery: Participate in annual Disaster Recovery exercises to ensure compliance-related activities are properly executed.
- Cross-Team Coordination: Work with other teams within IdenTrust to ensure coordination of compliance-specific activities; assist with problem-solving and troubleshooting as necessary.
- Policy Input: Provide input on Certificate Policy (CP) and Certification Practices Statements (CPS) for the ongoing support of various Public Key Infrastructure (PKI) programs.
- Senior Management Communication: Communicate the status of projects, issues, and vulnerabilities to senior management.
- Security Awareness: Support an effective Security Awareness program throughout IdenTrust.
IdenTrust Risk Management Committee:
- Expert Advice: Provide subject-matter-expert advice on security, compliance, and privacy-related issues.
- Additional Duties: Perform other duties as assigned.
Company Privacy Officer:
- PII Management: Maintain an understanding of how personally identifiable information (PII) is acquired, processed, stored, and disseminated.
- Privacy Documentation: Maintain and regularly update organizational privacy practices documentation.
- Legal Advisory: Advise the legal team on keeping the Privacy Policy up to date.
- PII Compliance: Ensure the receipt, processing, and storage of PII meet contractual and legal obligations and industry standards.
- Internal Audits: Conduct internal audits or reviews at least annually to ensure compliance with the Privacy Policy.
- International Agreements: Maintain agreements to allow PII of individuals outside the US to be stored within US boundaries.
- Privacy Activities: Conduct other privacy-related activities as documented in the Privacy Practices documentation.
SAFe Agile Team Participant:
- Agile Participation: Participate as a member of a designated SAFe Agile team to provide compliance-related subject matter expertise and sponsor new features related to process improvement to ensure company compliance with policies and regulatory requirements.
CFIUS:
- National Security Agreement: Serve as an active resource for the company’s National Security Agreement with the United States Committee on Foreign Investment in the US (CFIUS).
Qualifications
To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below represent the knowledge, skills, and abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
- Regulatory Knowledge: Strong understanding of regulatory requirements and compliance standards.
- Analytical Skills: Excellent analytical and problem-solving skills.
- Attention to Detail: Strong attention to detail and organizational skills.
- Communication Skills: Effective communication and interpersonal skills.
- Project Management: Advanced project management skills.
- Presentation and Auditing: Excellent communication, presentation, analytical, and auditing skills.
- Organizational Skills: Outstanding organizational skills and attention to detail.
- Technical and Regulatory Understanding: Demonstrated ability to understand and explain complex technical and regulatory issues.
- Documentation: Demonstrated ability to write clear, correct, and concise documentation in English.
- Independence and Teamwork: Ability to work independently with minimal supervision and as part of a team.
- Multitasking: Demonstrated ability to handle multiple tasks and assignments, and to complete work within time and budget constraints.
- Research Skills: Ability to perform research using online tools.
- Microsoft Office Expertise: Expert-level mastery of Microsoft Office applications, including word processing, project planning, and presentation applications.
Education and/or Experience
- Bachelor's degree in computer security, information systems, business management, organizational communications, or a related discipline. Candidates with equivalent education and relevant industry experience may also be considered.
- Minimum of five (5) years of audit and/or compliance experience in a technology company.
- Proven experience as a Compliance Analyst or in a similar role.
Language Skills
- Ability to effectively communicate in English, both verbally and in writing.
- Ability to read and interpret technical journals, specifications, and international technical standards.
Work Environment
The work environment characteristics described here are representative of those encountered by an employee while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.
- Employee works primarily in an office environment, within a well-ventilated area, and is exposed to moderate noise levels.
- For all roles with job duties that can be performed effectively both inside and outside of an HID site, local management and HR can approve, on average, up to 2 days a week working from home in line with business and team requirements. Additionally, temporary arrangements to work fully remote for up to 4 weeks per year can also be approved by the local manager and HR. An employee's direct manager has the sole discretion to select which 2 days of the week an employee may work remotely.
- The direct manager and HR will manage individual, temporary exceptions and schedule changes to best meet employee and business requirements. Employees can also request adjustments to daily start and stop times or core hours required in the worksite with manager approval, as long as it meets the business needs.
- The company reserves the right to end any flexible arrangement and request the employee to work standard work hours from a company worksite if deemed necessary or if the employee is unable to successfully perform their job duties.
- Employees are expected to have the necessary equipment and workspace available to them outside the HID facility to be able to work remotely. Equipment should not be taken from an HID facility without proper tracking and approval from management. Except for the provision of standard working equipment (e.g., laptop, monitor), HID will not reimburse an employee's expenses incurred while working remotely, such as internet, utilities, and personal cell phone, unless required by applicable law or agreed to by an employee's direct manager.
Work Requirements
- Compliance with all relevant HID Global policies and procedures related to Quality, Security, Safety, Business Continuity, and Environmental systems.
- Must be a U.S. citizen.
- Must be legally eligible to work in the United States.
- In order to be eligible for a Trusted Role, the candidate must agree to, and successfully pass, a comprehensive background check, including but not limited to:
  - Financial review (credit worthiness)
  - Civil review (public records, judgments, liens, etc.)
  - Criminal background check (federal, state, county)
  - Employment verification
  - Education verification
  - Drug screening