Senior Security Compliance Analyst
Location: United States
Job Type: Full time
We are a Security company and Auth0's Security & Compliance team is in the privileged position of supporting a security-first culture for a company that wants to make the internet safer.
We are seeking a Senior Security Compliance Analyst who can help execute a wide range of assessments and audits across the entire organization. This role will work closely with Security and Compliance leadership to strategize and scope assessments, identify key risk areas, and establish baseline control alignment for continued organizational growth and maturity.
- Design, implement, and oversee the execution of the IT controls program, including periodic control testing (e.g., design and effectiveness) sufficient to meet compliance requirements and to the satisfaction of internal/external auditors.
- Provide ongoing training, guidance, support, and IT control and compliance status reporting to the company to build awareness of and promote a progressive and sustainable compliance culture.
- Build and maintain effective working relationships and liaise with Product unit control owners to collect, report, and retain compliance documentation.
- Identify control gaps and potential remediation steps; lead and/or assist process re-design and coordination of remediation efforts.
- Collaborate with and advise Product unit resources on implementing IT controls that achieve risk and control objectives while striking a balance between costs vs. benefits.
- Document and maintain risk-based compliance policies and procedures; develop and maintain IT controls-related content for Information Security & Compliance.
- Assist in effective management of internal and external audit efforts and partnerships; drive for timely submission of critical audit and compliance deliverables.
- Coach, mentor, and oversee company employees and/or external consultants on a periodic basis.
- Perform QA reviews of IT controls-related work products (e.g., user attestation packages) and client assistance documentation prior to delivering to internal and external auditors, clients, and business partners.
- Assist with IT-related aspects of vendor risk management program functions (e.g., risk assessments, due diligence documentation reviews, control testing, and contract reviews).
- Maintain updated knowledge in the field of risk management and compliance to efficiently work on frameworks including NIST 800-53, IT SOX controls, SOC-2, HIPAA, PCI-DSS, ISO 27001 / ISO 27018, etc.
- Experience maintaining risk register and participating in risk management activities
- Bachelor’s degree required: BS in Computer Science, Information Security, or related field.
- A minimum of 4+ years of experience in the field of Information Security, Cybersecurity, Audit, and/or Compliance is required.
- STRONG project management skills/abilities. Must be able to bring order to chaos.
- Ability to manage multiple engagements while maintaining superior results
- 3+ years of SaaS or Cloud security experience is desirable.
- Deep knowledge of two or more security frameworks (NIST Cybersecurity Framework controls, COSO Risk Framework, NIST 800-53, ISO) and the ability to determine measures that will satisfy controls, design controls, and determine solutions are strongly required.
- At least 1 professional security management certification: e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Security Auditor (CISA)
- Knowledge of industry cloud technologies such as Azure, AWS, or similar
- Ability to quickly adapt to shifting priorities, demands, and timelines through both analytical and problem-solving capabilities
- Experience with GRC tools, technology, and implementation
- Project Management: Plan and manage several projects to meet compliance and security requirements. Effectively communicate with other teams at Okta during the entire project cycle.
- Understanding of security functions including Incident Management, Change Management, Identity and Access Management, and Vendor Security Risk Management.
- Self-starter who leads initiatives in key areas that could lead to potential non-compliance
Below is the annual base salary range for candidates located in California, Colorado, New York and Washington. Your actual base salary will depend on factors such as your skills, qualifications, experience, and work location. In addition, Okta offers equity (where applicable), bonus, and benefits, including health, dental and vision insurance, 401(k), flexible spending account, and paid leave (including PTO and parental leave) in accordance with our applicable plans and policies. To learn more about our Total Rewards program please visit: https://rewards.okta.com/us.
Okta is an Equal Opportunity Employer/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.
Okta offers everything you need to support your work, your life, and your work-life balance. Click here to learn more: https://rewards.okta.com/us
Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located. We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live. Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs. Find your place at Okta https://www.okta.com/company/careers/.