Compliance Analyst
Who We Are
Astronauts needed for a mission.
At the risk of sounding immodest, SecureLink may be the coolest company you've never heard of. After 14 years in business, we announced a strategic investment from Vista Equity Partners in 2017. Vista is the leading technology investment firm focusing exclusively on software, data, and technology-enabled companies. With our partners, existing customers, products and people, we are excited to launch the company to a higher orbit.
SecureLink is the leading platform for secure, remote support of enterprise software. Our customers are top-tier names in healthcare, gaming, government, retail, legal and other highly-regulated industries.
SecureLink's world headquarters in West Austin is called the Hill Country Spaceship - a great facility we believe you would be proud to call your workplace. https://www.securelink.com/about/tourthespaceship/
What You'll Do
The Compliance Analyst is responsible for working with Systems Engineers, Product Development, Services Consultants and other relevant departments to analyze and implement IT Security & Risk Management frameworks, policies, standards, and best practices. The Compliance Analyst will assist in translating industry, government (US & foreign) and contractual compliance requirements (PCI-DSS, SOX, etc.) into internal and customer-facing policies and standards. This role will also serve as the SME for customer compliance concerns in the product and in workflow surrounding the product. The Compliance Analyst is a key player in supporting and educating various business areas across multiple industry compliance standards and requirements. Day-to-day responsibilities will include:
- Ensure compliance with contracts, regulations, and controls by examining and analyzing records, reports, operating practices, and documentation
- Conduct compliance risk assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
- Support departmental compliance projects related to PCI, HIPAA, SOC and other regulatory bodies as assigned
- Aligns NIST CSF framework requirements with business company processes to assist company stakeholders with determining appropriate controls, test steps, evidence collection and documentation of risks associated with gaps to defined controls
- Author and/or update standards or documentation to align with company and regulatory guidelines
- Assist with responding to customer security and risk assessment questionnaires
- Maintain an awareness of existing and proposed security-standard-setting groups and regulations pertaining to information security and remote access across all customer industries
- Identify regulatory changes that will affect information security policy, product features, and workflows, and recommends appropriate changes
What You'll Need
- A desire to work in a compliance analyst role
- Bachelor's in Information Security or other related technical/analytical degrees
- 3+ years of experience with regulatory compliance and information security management frameworks (e.g., NIST CSF, COBIT, HIPAA, PCI DSS, SOC2, CJIS)
- Aptitude and appreciation for technology and software
- Technical and professional skills or knowledge of testing methodology, risk and controls analysis
- Technical skills for analyzing systems and procedures, developing improvements that support compliance, and determining the potential compliance outcomes of a change in operations
- Demonstrable knowledge of concepts, principles, and practices for: access management, account management, configuration and change management, security patch management, industrial control systems security.
- Ability to quickly learn and apply new technology skills
- Ability to work independently with direction from leadership
- Ability to maintain confidentiality and data accuracy when handling sensitive information
- Excellent written and verbal communication
- Self-initiative with the desire to go above and beyond to delight customers
- Experience in a software environment or compliance role
- Experience with technology solutions applied to compliance and security use cases
Why Choose Us
SecureLink doesn't just Have Fun Creating Value Over the Long Run (HFCV/LR) for our customers and shareholders, we Have Fun Creating Value in the lives and careers of our employees. Benefits and perks include:
- Health: Medical, dental and vision insurance - SecureLink foots the whole bill for employees and subsidizes dependent coverage at 75%!
- Wellness: SecureLink kicks cash into your HSA, $2,500 for those with individual coverage and $5,000 for those with family coverage. Employees are provided with a standing desk, healthy snacks, and have free access to an onsite gym.
- Retirement: SecureLink contributes 3% of your annual base salary to a 401k.
- Time off: Employees receive unlimited PTO, including time to volunteer. Additionally, we offer 10 paid company holidays.
- Perks: Our onsite kitchen provides employees with healthy options for breakfast & lunch every day. We kick back $100 per month towards cell phone reimbursement.
- Workspace: Casual dress code for our employees, and you will see many people around wearing jeans, and yes – even t-shirts and the occasional pair of flip-flops.
What Else?
Happy and successful SecureLink employees embrace the company's mission to have fun creating value over the long run. Great employees have three attributes that make them "slinky". These are 1) excellence at their position, 2) eagerness to grow and improve and 3) a true sense of responsibility to meaningfully contribute to the company, customers, and culture.
If you are just looking for another job, this is not the place for you. We like to laugh and be around happy, smart, interesting, self-motivated and "slinky" people. Slackers, grumps, and pessimists need not apply.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.