Senior Compliance Analyst
EarnestSalary not specified
Full Time
Junior (1 to 2 years)
Not SpecifiedCompensation
Mid-level (3 to 4 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, SaaS, HR TechIndustries
Requirements
- 1-3 years of operational experience in a role focused on Security Assurance, Third-Party Risk (TPR) Management, or GRC (transferable skills from adjacent domains highly valued)
- Practical experience assisting with the management of security compliance programs (e.g., SOC 2, ISO 27001, or similar), including coordinating evidence collection from control owners and documenting
Responsibilities
- Complete security third-party vendor risk reviews for new and existing suppliers, gathering inputs, logging outcomes, and ensuring alignment with the Third-Party Security Management Standard in partnership with Procurement and Legal
- Assist with the timely completion of high-quality responses to customer and prospect security requests, due diligence questionnaires (DDQs), and information requests
- Proactively assist and help maintain all security and compliance documentation, artifacts, policies, and certifications within the Security Trust Centre (e.g., SafeBase) to enable a self-service experience for customers
- Partner with Sales and Legal to triage requests and ensure security communications are consistent and accelerate the sales cycle
- Collect and track key performance indicators (KPIs) related to customer security review SLAs, document engagement, and overall security assurance efforts for leadership visibility
- Assist with the design, coordination, and delivery of the hybrid cybersecurity awareness program
- Draft and schedule compelling security insights for internal newsletters, Slack, and email, translating complex policy and control requirements into clear, action-oriented guidance for all employees
- Support the operationalisation of the security champions program across business units to extend program reach and reinforce secure-by-default behaviours across the organization
- Assist the GRC team with the ongoing management and maintenance of key security compliance programs (e.g., ISO 27001, SOC 2), including coordinating evidence collection, documentation updates, and control attestations
Skills
GRC
Risk Management
Third-Party Vendor Risk
Vendor Security Reviews
Customer Security Questionnaires
Procurement Collaboration
Legal Collaboration
Culture Amp
People analytics platform for employee engagement
About Culture Amp
Culture Amp provides a people analytics platform aimed at improving employee engagement, performance, and retention within organizations. The platform includes tools for gathering and analyzing employee feedback, conducting performance reviews, and monitoring goals. By utilizing powerful analytics and action planning features, Culture Amp helps businesses make informed, data-driven decisions to enhance workplace culture and employee experience. Unlike many competitors, Culture Amp focuses specifically on the HR technology sector, which is rapidly expanding as companies prioritize employee engagement. The company operates on a subscription-based model, offering various pricing tiers tailored to the size of the organization and the features needed.
Melbourne, AustraliaHeadquarters
2009Year Founded
$267.4MTotal Funding
SERIES_FCompany Stage
Data & Analytics, ConsultingIndustries
1,001-5,000Employees
Benefits
Employee Share Options Program
Professional Development Budget
Mental Health Support
Monthly Camper Life Allowance
Team budgets dedicated to team building activities and connection
Paid Vacation
Paid Holidays
Extended year-end breaks
Excellent parental leave and in work support program available from day 1 of joining Culture Amp
5 Social Impact Days a year to make a positive impact on the community outside of work
Home Office Stipend
Medical insurance coverage for you and your family (Available for US & UK only)
Risks
Emerging HR tech startups offering cheaper solutions threaten Culture Amp's market share.
Rapid AI advancements may require Culture Amp to invest heavily to stay competitive.
Data privacy concerns and regulatory changes could impact Culture Amp's operations in key markets.
Differentiation
Culture Amp integrates AI to streamline HR feedback analysis, enhancing efficiency.
The acquisition of Orgnostic boosts Culture Amp's data analytics capabilities significantly.
Culture Amp's People Analytics product offers a unified platform for comprehensive workforce insights.
Upsides
Neera Desai's appointment as GM could strengthen Culture Amp's North American market presence.
Collaboration with Sonder emphasizes employee wellbeing, potentially leading to new wellness features.
AI integration in feedback analysis allows HR teams to focus on strategic initiatives.
Related Jobs
RemoteRemoteSenior Risk Analyst
SignifydSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteRegulatory & Security Compliance Analyst
RainSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteThird-Party Cyber Risk Manager
HumanaSalary not specified
RemoteSecurity Operations Analyst
The Voleon GroupSalary not specified
- Full Time
- Entry Level & New Grad
RemoteSenior GRC Analyst
Serve Robotics$120,000 - $140,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Analyst
Qualified.com$130,000 - $145,000/year
- Full Time
- Junior (1 to 2 years)
RemoteActuary, Risk and Compliance
HumanaSalary not specified