Technology Compliance Analyst
Are you looking for a chance to build something new with a collaborative team and be a part of a growing company that has a focus on enriching communities?
Due to our growth, Vanco is adding a Compliance Analyst to our Security and Compliance team. This is a New Opportunity, local to Atlanta, with minimal office attendance of one day a week required.
This is a GRC role, and this person will report to the VP of Information Security and Compliance and work alongside multiple departments. This role will provide internal support for Vanco’s Security, Privacy, and Compliance policies, as well as auditing and testing programs and other key Compliance and Privacy initiatives. Our ideal candidate will be comfortable in a fast-paced environment. This is a dynamic role with a lot of different responsibilities that will fuel the growth of a critical corporate product. This re-architected and growing payment product will give our clients a better experience, expand our partner opportunities and reduce internal redundant processes.
The Vanco Security and Compliance team is a fun and motivated team that manages the technology risk management, cybersecurity engineering, assurance, governance, and compliance requirements. It is relied upon by the enterprise organization including the entire product portfolio. In the role of a Compliance Analyst, you will join this team and work with our security engineers, other compliance analysts, developers, infrastructure experts, and project and product managers to mature the compliance posture of the organization.
What you’ll be doing:
- The Compliance Analyst is crucial to the team as they will implement a limited internal audit program to assess compliance with organizational Information Security Policy. This audit program will be created from the ground up and is a great opportunity for establishing initial ownership over a material and highly visible project
- You will mature the organizational policy matrix. This will involve reviewing what already exists, recommending changes based on industry best practices, and implementing the approved changes
- This role will also develop new policies as required by the business. These policies range from technical to non-technical and often require collaboration with other internal teams, including legal and HR. You will write and test internal Security, Privacy, and Compliance related whitepapers, policies, and procedures
- You will develop a formal Business Continuity / Disaster Recovery Program, including all associated documentation and templates. This responsibility will include collaborating with a wide range of internal teams
- The Compliance Analyst will also facilitate limited manual user access and entitlement reviews where appropriate. This responsibility is expected to be minimal as efforts are underway to automate this process.
- You’ll be the go-to resource for vendor risk assessment requests on the organization. This will include completing due diligence questionnaires and occasionally investigating the correct answer to a difficult question.
- This role will facilitate the annual testing of the Incident Response Plan. You will work with all stakeholders on attendance, participation, lessons learned, and you will publish a final deliverable on the exercise
- You will develop and roll out practical, effective internal training programs around Security, Privacy, and Compliance across the company. This will include facilitating the new hire and annual security awareness training, including creating the campaigns, staying on top of the results, and following up to ensure maximum compliance. You will also manage an internal employee-focused phishing campaign to test the effectiveness of the organizational security awareness training
- You will assist with all external audits as necessary, including gathering evidence, completing documentation, and collaborating with the internal audit lead
Who you are:
- You have a minimum of 3+ years of experience in a combination of Compliance, Risk management, Information Security, Privacy and Information Technology fields
- You have been a key member in a compliance program for a SaaS company in frameworks such as SOC2, HIPAA, GDPR, PCI, ISO 27001 - Preferred
- You have an industry-related Bachelor's degree and/or accredited compliance management certification (CISA, CRISC, CISSP, CGEIT) - Preferred
- You have familiarity with SaaS, PaaS, and IaaS providers and their impact and challenges from a compliance perspective
- You have experience in one or more of the following: fintech, compliance, auditing, investigations, regulatory accreditation, process improvement and project management
- You have significant experience in developing Privacy, Compliance, and Information Security policies and procedures, as well as successfully executing programs that meet the objectives of the business
- You have in-depth knowledge of industry compliance requirements and standards
- You have demonstrable experience in writing technology-focused policies
- You are self-driven and have high attention to detail
- You have fantastic written and verbal communication skills in English (and Spanish as a plus)
- You have demonstrated skills in teamwork and collaboration
- You gravitate towards a creative problem-solving environment leveraging empirical evidence
- You are highly motivated and self-driven
- You take ownership of work and responsibility for your own actions
What we offer:
- 100% Employer Paid Health Insurance Base Plan, Dental, Vision, Life and ADD Insurance
- Paid Holidays and 4 weeks PTO
- 401(k) Plan with employer match
- Opportunities to create processes and structure
- Small collaborative teams where you can impact both outcome and culture
- Ongoing professional development opportunities
- Volunteer opportunities organized by the company
- Join a rapidly growing company that promotes internally
At Vanco, we serve those who enrich our communities. Vanco provides businesses, nonprofits, and educational organizations a complete range of payment solutions and administrative software. Our solutions make payment processing simple and ease administrative burdens for faith-based groups, nonprofits, and schools. We are a software payments company for community organizations, and every transaction tells a story.
An important part of who we are is our Vanco Values in Action. At Vanco, our employees:
- Clearly Care
- Own It
- Have Grit
Vanco is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.