Sr. IT Audit and Compliance Analyst
Makati City, National Capital Region (NCR), PH
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
Senior Security Compliance Analyst
The Opportunity
The Senior Security Compliance Analyst will have the opportunity to meaningfully contribute to the OpenText Compliance Program in accordance with ISO 27001, ISO 27017, PCI-DSS, SOC1/2/3, HIPAA, SOC2+HITRUST, SOX, CyberEssentials PLUS, and FedRAMP.
The Senior Security Compliance Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that supports the delivery of compliance certifications to support customer security requirements.
In this role, you will be involved in managing/supporting and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors (external & internal) and other stakeholders.
You Are Great At
- Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks, compliance risk.
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the OpenText portfolio.
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Participating in, or potentially leading, gap assessment, compliance readiness, and compliance monitoring activities.
- Developing metrics and dashboards for reporting on assigned compliance programs.
- Leading audit readiness, managing compliance programs, driving continuous improvement activities, delivering dashboarding & reporting metrics.
What It Takes
- Minimum of 3 years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements, encompassing multiple frameworks
- Competency in Compliance Program Management.
- Experience delivering compliance programs in GCP, AWS, Azure or other Cloud Service Provider is a plus
- Detailed understanding of evaluating the design and effectiveness of controls and experience working with auditors/regulators for compliance assessments
- Experience leading preparation for and/or managing assessment activities (SOC 1/2/3, ISO 27001, ISO 27017, PCI DSS, HIPAA/HITRUST, SOX, etc.) through assessment planning, assessment fieldwork, and final report delivery
- Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
- Experience with CyberEssentials PLUS and/or FedRAMP is a plus.
- Experience with GRC Tools & Compliance Automation is a plus.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment
- Demonstrated strength in working in a high change environment.
- Effective team collaboration plus the ability to coach and mentor others.
- Strong personal characteristics as demonstrated by the following: owners’ mindset, achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
- Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent is a plus
- Bachelor’s Degree in Information Technology, Business, or related vocations.
- Experience working on nightshifts is a plus
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.