Security Compliance Analyst at Veeva Systems

Columbus, Ohio, United States

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years)Experience Level

Full TimeJob Type

UnknownVisa

Life Sciences, SaaSIndustries

Requirements

At least five years of experience leading organizations to obtain or retain ISO 27001 certification, or at least five years of experience leading organizations to achieve a “clean” SOC 2 Type 2 report
Mastery of the requirements for all the controls in the ISO 27001 and/or SOC 2 standards
Engaging stakeholders (internal customers, executive leadership, technology and business teams) to motivate and influence behaviors and decisions in support of compliance
Deep experience in assessing control gaps and advising engineering and business process teams on closing those gaps
Generating and collecting evidence necessary to demonstrate adherence to the ISO 27001 and SOC 2 standards
Reviewing and organizing evidence to ensure that it can be used to demonstrate standards compliance
Managing the audit process to ensure that auditors receive the necessary information and adhere to the correct audit scope
At least two years technical or compliance experience with services built and implemented in a public cloud service (e.g., AWS, Azure, Google Cloud)
Demonstrated experience and track record of success

Responsibilities

Plan annual ISO, SOC 2, and other third-party audits from start to finish
Perform gap assessments and advise on gap closure
Collect, review, and catalog evidence
Present evidence to auditors to make the case for compliance
Manage the overall interactions with external auditors
Serve as an advisor to engineering, IT, and business process teams to assist them in supporting compliance efforts
Advise management on risk and control issues, provide practical recommendations to ensure that risks are properly managed
Collaborate with senior leaders to determine audit scope
Monitor compliance with Veeva policies and procedures
Communicate status with senior leaders and other stakeholders
Analyze and evaluate other audit frameworks to determine applicability and compliance resource requirements
Identify policy and process improvement opportunities, automation opportunities, develop recommendations, and communicate with stakeholders collaboratively
Help ensure ongoing compliance with relevant regulations and maintain current certification status against ISO 27001 and SOC 2 in addition to various other standards and certifying bodies
Identify control gaps and advise internal teams in how to close those gaps
Support third party security assessments and periodic maintenance as needed
Foster a compliance culture throughout Veeva
Communicate effectively and build positive relationships with other Veeva teams
Contribute to efforts to improve the efficiency of compliance operations and reduce the compliance burden on other teams within Veeva

Skills

Key technologies and capabilities for this role

ISO 27001SOC 2Audit PlanningCompliance ManagementRisk AssessmentEvidence ReviewThird-Party AuditsSecurity Assessments

Questions & Answers

Common questions about this position

What is the salary for the Security Compliance Analyst position?

This information is not specified in the job description.

Is this a remote position, or do I need to work in an office?

Veeva Systems is a Work Anywhere company, supporting flexibility to work from home or in the office so you can thrive in your ideal environment.

What experience is required for this Security Compliance Analyst role?

At least five years of experience leading organizations to obtain or retain ISO 27001 certification is required.

What are Veeva Systems' core values and company culture like?

Veeva's core values are Do the Right Thing, Customer Success, Employee Success, and Speed; they are a public benefit corporation balancing interests of customers, employees, society, and investors, with a mission to transform the life sciences industry.

What makes a strong candidate for this Security Compliance Analyst position?

Candidates with at least five years of experience leading ISO 27001 certification efforts, skills in gap assessments, evidence collection, auditor management, and advising teams on compliance stand out.

Veeva Systems

Quality and regulatory software solutions provider

About Veeva Systems

Veeva Systems offers software solutions for quality, regulatory, and advertising claims management, focusing on consumer products and chemical companies. Their cloud-based platform provides visibility and traceability throughout the product journey, ensuring compliance with regulations and accelerating time-to-market. Unlike competitors, Veeva has specialized expertise in both the Life Sciences and Chemical sectors, allowing them to effectively address industry-specific challenges. The company's goal is to help clients efficiently bring safe and compliant products to market.

Pleasanton, CaliforniaHeadquarters

2007Year Founded

$6.8MTotal Funding

IPOCompany Stage

Enterprise Software, Healthcare, Consumer GoodsIndustries

5,001-10,000Employees

Benefits

Parental leave

PTO

Free food

Health, dental, & vision insurance

Gym membership reimbursement

Risks

Manual processes in medtech content management risk compliance issues and market delays.

GenAI features in Vault CRM may face data privacy and security challenges.

Rapid product expansion could lead to integration challenges and customer dissatisfaction.

Differentiation

Veeva Systems specializes in cloud-based software for the life sciences industry.

The company offers a subscription-based model ensuring continuous updates and improvements.

Veeva's Vault CRM Suite connects sales, marketing, and medical for customer-centric engagement.

Upsides

Veeva Compass Patient platform supports patient journey analysis and market sizing.

GenAI features in Vault CRM enhance field productivity with contextual task automation.

Veeva's digital HACCP solution improves safety and efficiency in compliance processes.

Land your dream remote job 3x faster with AI

Try Jobo Free