Security Compliance Analyst at Veeva Systems

Columbus, Ohio, United States

Compensation: Not Specified
Experience Level: Mid-level (3 to 4 years)
Job Type: Full Time
Visa: Unknown
Industries: Life Sciences, SaaS

Requirements

  • At least five years of experience leading organizations to obtain or retain ISO 27001 certification, or at least five years of experience leading organizations to achieve a “clean” SOC 2 Type 2 report
  • Mastery of the requirements for all the controls in the ISO 27001 and/or SOC 2 standards
  • Engaging stakeholders (internal customers, executive leadership, technology and business teams) to motivate and influence behaviors and decisions in support of compliance
  • Deep experience in assessing control gaps and advising engineering and business process teams on closing those gaps
  • Generating and collecting evidence necessary to demonstrate adherence to the ISO 27001 and SOC 2 standards
  • Reviewing and organizing evidence to ensure that it can be used to demonstrate standards compliance
  • Managing the audit process to ensure that auditors receive the necessary information and adhere to the correct audit scope
  • At least two years of technical or compliance experience with services built and implemented in a public cloud service (e.g., AWS, Azure, Google Cloud)
  • Demonstrated experience and track record of success

Responsibilities

  • Plan annual ISO, SOC 2, and other third-party audits from start to finish
  • Perform gap assessments and advise on gap closure
  • Collect, review, and catalog evidence
  • Present evidence to auditors to make the case for compliance
  • Manage the overall interactions with external auditors
  • Serve as an advisor to engineering, IT, and business process teams to assist them in supporting compliance efforts
  • Advise management on risk and control issues, and provide practical recommendations to ensure that risks are properly managed
  • Collaborate with senior leaders to determine audit scope
  • Monitor compliance with Veeva policies and procedures
  • Communicate status with senior leaders and other stakeholders
  • Analyze and evaluate other audit frameworks to determine applicability and compliance resource requirements
  • Identify policy, process improvement, and automation opportunities, develop recommendations, and communicate with stakeholders collaboratively
  • Help ensure ongoing compliance with relevant regulations and maintain current certification status against ISO 27001 and SOC 2 in addition to various other standards and certifying bodies
  • Identify control gaps and advise internal teams on how to close those gaps
  • Support third-party security assessments and periodic maintenance as needed
  • Foster a compliance culture throughout Veeva
  • Communicate effectively and build positive relationships with other Veeva teams
  • Contribute to efforts to improve the efficiency of compliance operations and reduce the compliance burden on other teams within Veeva

Skills

ISO 27001
SOC 2
Audit Planning
Compliance Management
Risk Assessment
Evidence Review
Third-Party Audits
Security Assessments

Veeva Systems

Quality and regulatory software solutions provider

About Veeva Systems

Veeva Systems offers software solutions for quality, regulatory, and advertising claims management, focusing on consumer products and chemical companies. Their cloud-based platform provides visibility and traceability throughout the product journey, ensuring compliance with regulations and accelerating time-to-market. Unlike competitors, Veeva has specialized expertise in both the Life Sciences and Chemical sectors, allowing them to effectively address industry-specific challenges. The company's goal is to help clients efficiently bring safe and compliant products to market.

Headquarters: Pleasanton, California
Year Founded: 2007
Total Funding: $6.8M
Company Stage: IPO
Industries: Enterprise Software, Healthcare, Consumer Goods
Employees: 5,001-10,000

Benefits

Parental leave
PTO
Free food
Health, dental, & vision insurance
Gym membership reimbursement

Risks

Manual processes in medtech content management risk compliance issues and market delays.
GenAI features in Vault CRM may face data privacy and security challenges.
Rapid product expansion could lead to integration challenges and customer dissatisfaction.

Differentiation

Veeva Systems specializes in cloud-based software for the life sciences industry.
The company offers a subscription-based model ensuring continuous updates and improvements.
Veeva's Vault CRM Suite connects sales, marketing, and medical for customer-centric engagement.

Upsides

Veeva Compass Patient platform supports patient journey analysis and market sizing.
GenAI features in Vault CRM enhance field productivity with contextual task automation.
Veeva's digital HACCP solution improves safety and efficiency in compliance processes.
