Lead Security Compliance Analyst
Virtual, US
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
The Opportunity
The Lead, Security Compliance Analyst will have the opportunity to make meaningfully contributions to the OpenText Compliance Program in accordance with a wide range of security frameworks, such as SOC1/2/3, ISO 27001, ISO27017, HIPAA, PCI, FedRAMP frameworks. The Security Compliance Lead Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that support the delivery of compliance certifications to support customer security requirements. In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, auditors, and other stakeholders.
You Are Great At
- Understanding and knowledge in technical hyperscaler components and the CI/CD pipelines, along with related compliance impacts and requirements
- Leading compliance gap assessments for new audit entities, to identify issues in the control processes, and prepare the organization for external security audits.
- Tracking and coordinating improvement efforts, and monitoring process improvement effectiveness of the compliance program.
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit improvements
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the Open Text portfolio
- Developing metrics and dashboards for reporting on assigned compliance programs
What It Takes
- 5+ years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks
- Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)
- Understanding of evaluating the design and effectiveness of IT controls and experience working with cloud hyperscalers, container deployments, and related technologies
- Experience leading preparation for and/or managing assessment activities (ISO 27001, SOC reporting, HIPAA/HITRUST, etc.) for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment.
- Demonstrated strength in working in a high change environment.
- Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, collaborative, flexible, approachable, and dedicated.
- Preferred industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent
- Experience with GRC Tools is a plus.
- Bachelor’s Degree in Information Technology, Business or related vocations.
Estimated Base Salary $116,412- $174,619 USD
While OpenText is an Equal Opportunity Employer, our efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accomodationrequests@opentext.com.
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office to maintain a safe workplace for our employees.