Compliance Analyst at SecureLink
Who We Are
At SecureLink, we take our jobs seriously, but ourselves, not so much. We aren't afraid of a challenge and understand the autonomous and team effort required to accomplish something great! Founded in 2003, and headquartered in Austin, Texas, SecureLink provides market-leading security, privacy and compliance solutions, securing third party remote access for highly regulated enterprises and technology vendors, as well as insider access with innovative machine learning and audit of access to the most mission critical and sensitive systems of more than 30,000 organizations worldwide across multiple industries, including healthcare, manufacturing, government, legal and gaming.
We believe diversity drives better outcomes. We want you to be you. SecureLink is a place where your ideas and performance matter. Different ideas, perspectives, and backgrounds create a stronger and more creative work environment that delivers better results.
Choose Where You Work
At SecureLink, we believe trust is an essential ingredient for building productivity in the workplace. We want to ensure all our employees feel both safe and productive. Our employees have the option to work 100% remotely, 50% remotely, or 100% from our physical offices located in Austin, TX, and Nashville, TN.
Remote work can currently be supported for employees residing in the following locations: AR, CA, CO, FL, ID, IL, KY, MD, MI, MN, NY, OH, PA, TX, TN, VA, WA.
What You'll Do
Our Compliance Analyst is responsible for working with Systems Engineers, Product Development, Services Consultants and other departments to analyze and implement IT Security & Risk Management frameworks, policies, standards, and best practices. The Compliance Analyst will assist in translating industry, government (US & foreign) and contractual compliance requirements (PCI-DSS, SOX, etc.) into internal and customer-facing policies and standards. This role will also serve as the SME for customer compliance concerns in the product and in workflow surrounding the product. The Compliance Analyst is a key player in supporting and educating various business areas across multiple industry compliance standards and requirements. Day-to-day responsibilities will include:
- Ensure compliance with contracts, regulations, and controls by examining and analyzing records, reports, operating practices, and documentation
- Conduct compliance risk assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
- Support departmental compliance projects related to PCI, HIPAA, SOC and other regulatory bodies as assigned
- Aligns NIST CSF framework requirements with business company processes to assist company stakeholders with determining appropriate controls, test steps, evidence collection and documentation of risks associated with gaps to defined controls
- Author and/or update standards or documentation to align with company and regulatory guidelines
- Assist with responding to customer security and risk assessment questionnaires
- Maintain an awareness of existing and proposed security-standard-setting groups and regulations pertaining to information security and remote access across all customer industries
- Identify regulatory changes that will affect information security policy, product features, and workflows, and recommends appropriate changes
What You'll Need
- Bachelor's in Information Security or other related technical/analytical degrees
- 3+ years of experience with regulatory compliance and information security management frameworks (e.g., NIST CSF, COBIT, HIPAA, PCI DSS, SOC2, CJIS)
- Aptitude and appreciation for technology and software
- Technical and professional skills or knowledge of testing methodology, risk and controls analysis
- Technical skills for analyzing systems and procedures, developing improvements that support compliance, and determining the potential compliance outcomes of a change in operations
- Demonstrable knowledge of concepts, principles, and practices for: access management, account management, configuration and change management, security patch management, industrial control systems security.
- Ability to quickly learn and apply new technology skills
- Ability to work independently with direction from leadership
- Ability to maintain confidentiality and data accuracy when handling sensitive information
- Excellent written and verbal communication
- Self-initiative with the desire to go above and beyond to delight customers
- Experience in a software environment or compliance role
- Experience with technology solutions applied to compliance and security use cases
Why Choose Us
SecureLink doesn't just Have Fun Creating Value Over the Long Run (HFCV/LR) for our customers and shareholders, we Have Fun Creating Value in the lives and careers of our employees. SecureLink invests in employee development including extensive job and product training, access to LinkedIn Learning, monthly knowledge sharing sessions, career pathing, professional development, and more. Benefits also include:
- Medical, dental, and vision insurance - SecureLink pays 100% of the premium for employees and 75% for dependents!
- We contribute to your HSA ($2,700 for employee coverage or $5,400 for family coverage).
- We help you save for retirement. We contribute equivalent to 3% of your annual base salary to a 401k.
- Employees enjoy unlimited PTO, including the time to volunteer.
- We give $100 per month towards cell phone reimbursement.
- At the office, employee perks include two meals a day, bringing your dog to work, and an onsite gym.
Happy and successful SecureLink employees embrace the company's mission to have fun creating value over the long run. Great employees have three attributes that make them "slinky". These are 1) excellence at their position, 2) eagerness to grow and improve and 3) a true sense of responsibility to meaningfully contribute to the company, customers, and culture.
If you are just looking for another job, this is not the place for you. We like to laugh and be around happy, smart, interesting, self-motivated and "slinky" people. Slackers, grumps, and pessimists need not apply.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, gender identity, genetic information, or any other characteristic protected by applicable federal, state, or local laws.