Compliance & Risk Analyst
Precisely
Application and Interview Impersonation Notice: Impersonating another individual when applying for employment, and/or participating in an interview process to assist another individual in obtaining employment, with Precisely Software Incorporated (“Precisely”) is unlawful. If Precisely identifies such fraudulent conduct, then as applicable and to the extent permitted by law, the application will be rejected, an offer (if made) will be rescinded, or the employment will be terminated, and legal action may be taken against the impersonators.
Precisely is the leader in data integrity. We empower businesses to make more confident decisions based on trusted data through a unique combination of software, data enrichment products and strategic services. What does this mean to you? For starters, it means joining a company focused on delivering outstanding innovation and support that helps customers increase revenue, lower costs and reduce risk. In fact, Precisely powers better decisions for more than 12,000 global organizations, including 95 of the Fortune 100. Precisely's 2500 employees are unified by four company core values that are central to who we are and how we operate: Openness, Determination, Individuality, and Collaboration. We are committed to career development for our employees and offer opportunities for growth, learning and building community. With a "work from anywhere" culture, we celebrate diversity in a distributed environment with a presence in 30 countries as well as 20 offices in over 5 continents. Learn more about why it's an exciting time to join Precisely!
Overview: EngageOne, a business unit within Precisely, produces a suite of SaaS and on-prem software products that handle personal data. We are looking for Compliance and Risk Analyst with experience of information security compliance frameworks, implementation and testing of internal controls and secure software development best practices.
What you will do:
- Support annual SOC 2, ISO 27001 and customer audit activities.
- Maintain compliance with applicable regulations and security frameworks applicable to each software product.
- Work closely with internal stakeholders to keep abreast of planned changes to technologies, working practices, and business activities that could have an impact on EngageOne’s Information Security or risk profile.
- Work with product teams to prioritize work to improve security posture.
- Conduct threat modeling exercises with engineering teams
- Participate in the maintenance and management of the Security Risk Management program.
- Propose changes to the EngageOne Information and Cyber Security systems, processes and procedures by continuously analyzing and reviewing new security technologies and practices as informed by industry best practice
- Other duties may be assigned
What we are looking for:
- Bachelor’s degree in information security, Computer Science, IT Management or similar (Equivalent work experience will be accepted in place of the education requirement)
- 3+ years of experience
- Strong process and gap analysis skills
- CISSP, CCSP and/or CRISC certifications preferred.
- Prior experience with AWS, AI, encryption or threat modeling highly desirable.
Salary: 114 750- 153 000 PLN gross per year - compensation is flexible and open for discussion, with the possibility of adjustment for candidates whose skills and experience strongly align with the role’s requirements
#LI-ZB1
The personal data that you provide as a part of this job application will be handled in accordance with relevant laws. For more information about how Precisely handles the personal data of job applicants, please see the Precisely Candidate Privacy Notice