Lead Security Compliance Analyst
Virtual, CA
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
The Opportunity
The Lead, Security Compliance Analyst will have the opportunity to make meaningfully contributions to the OpenText Compliance Program in accordance with SOC1/2/3, ISO 27001, ISO27017, HIPAA, and SOC2+HITRUST frameworks. The Security Compliance Lead Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program and mergers and acquisition (M&A) gap assessments that support the delivery of compliance certifications to support customer security requirements. In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, auditors and other stakeholders.
You Are Great At
- Leading compliance gap assessments for acquired entities, to identify issues in the control processes, and prepare the organization for external security audits.
- Tracking integration progress, coordinating improvement efforts, and monitoring process improvement effectiveness of the compliance program.
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the Open Text portfolio
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Developing metrics and dashboards for reporting on assigned compliance programs
What It Takes
- 5+ years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks
- Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)
- Understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for compliance assessments
- Experience leading preparation for and/or managing assessment activities (mergers and acquisitions, ISO 27001, SOC reporting, HIPAA/HITRUST, etc.) for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment.
- Demonstrated strength in working in a high change environment.
- Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, collaborative, flexible, approachable, and dedicated.
- Preferred industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent
- Experience with GRC Tools is a plus.
- Bachelor’s Degree in Information Technology, Business or related vocations.
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.