Join Eden Data as a Compliance Support Specialist and Make a Real Impact!
As a Compliance Support Specialist at Eden Data, you will play a critical role in helping our clients achieve and maintain compliance with SOC 2 Type II, ISO 27001, and other framework standards.
You will maintain clear client communications via Slack and email, oversee clients' Drata instances to ensure all compliance requirements are met, and create and manage project plans in Asana as needed. You will collaborate closely with the internal cybersecurity team to implement security controls, conduct risk assessments, maintain security documentation, and continuously enhance compliance initiatives to protect sensitive information. You will also be answering client questions daily via Slack and email.
Key Responsibilities:
Technical Support:
-Provide technical support for cybersecurity tools and technologies, ensuring operational effectiveness and timely issue resolution.
-Maintain security awareness training documentation for internal and client-facing audiences to promote cybersecurity best practices.
-Support clients' audit readiness by assisting with evidence collection, control testing, and remediation tracking.
-Assist clients with the setup and maintenance of GRC (Governance, Risk, and Compliance) tools, particularly Drata, including data migration, vendor module configuration, user management, and policy updates.
Security Documentation:
-Create, maintain, and update security policies, procedures, and compliance documentation to align with industry standards.
-Develop and maintain trackers for client purposes according to their internal policy requirements.
-Assist clients in completing Self-Assessment Questionnaires (SAQs), leveraging existing onboarding information, historical SAQs, and data housed within GRC platforms.
-Conduct periodic user access reviews across clients' systems and applications. Assist in preparing reports and documenting response actions.
Collaboration:
-Partner with cybersecurity team members and cross-functional departments to implement and sustain security measures.
-Research and respond to clients' ad-hoc security inquiries, providing clear and actionable findings.
-Leverage internal tools to optimize workflows and drive efficiency in daily operations.
Exercise Self-Direction:
-Regularly assess and enhance client security postures, leveraging GRC platform features for control management, task assignment, and audit readiness activities.
-Operate autonomously, taking ownership of work and executing tasks ahead of deadlines with minimal oversight.
Requirements:
-Education: Bachelor's degree in Information Security, Computer Science, or a related field.
-Relevant certifications (SEC+, CISA, or equivalent) may be required. CISSP, CISM, and CRISC are a plus.
-Experience: Minimum of 2–4 years of experience in cybersecurity, with a focus on compliance management and project management.
-Technical Skills: Proficiency in using Asana (or equivalent) for project management and Slack for effective communication.
-Familiarity with Drata or similar compliance management tools is highly desirable.
-Compliance Knowledge: Strong understanding of SOC 2 Type I and II, and ISO 27001 standards, controls, and assessment methodologies.
-Experience with other compliance frameworks (e.g., HIPAA, GDPR, NIST) is nice to have.
-Analytical Thinking: Ability to analyze and identify security risks, providing practical recommendations for mitigating those risks.
-Communication Skills: Excellent verbal and written communication skills in English, with the ability to convey technical concepts to both technical and non-technical stakeholders effectively.
-Collaboration: Proven ability to work collaboratively in a team environment, interacting with clients, internal teams, and third-party auditors or assessors (as needed).
-This role would not need to take external calls with clients (via Zoom etc.) but does need to be externally facing via Slack and email correspondence.
-Ability to work independently, remotely, with assigned tasks and deadlines, with minimal oversight.
-Attention to Detail: Meticulous and thorough approach to work, ensuring accuracy in documentation, reporting, and compliance activities.
-Adaptability: Ability to thrive in a fast-paced and rapidly changing environment, managing multiple projects simultaneously and meeting deadlines.
Benefits:
-Competitive salary.
-Prepaid medical plan.
-Life insurance.
-Your birthday off!
-Indefinite-term contract with full legal benefits.