The Challenge

We are seeking a highly skilled Senior Analyst to join our dynamic team. In this role, you will play a pivotal role in strengthening the effectiveness of the OneTrust Platform through the creation of new GRC content, as well as providing robust support for existing content across a spectrum of compliance frameworks (which includes SOC 2, ISO27001, PCI DSS, NIST CSF, HIPAA, privacy regulations (GDPR, CCPA and other state privacy laws), NIST 800-53, NIST AI RMF etc). Your responsibilities will include addressing security and privacy inquiries, aiding cross-functional teams with expert security insights, and contributing to the continuous enhancement of OneTrust platform. This role demands a strong background in security and privacy, alongside the ability to develop and implement reliable, standardized processes.

Your Mission

• Develop comprehensive content, encompassing policies, controls, implementation guidelines, templates and mapping relationship, tailored to various compliance frameworks.
• Conduct thorough research and analysis to ensure accurate and up-to-date content development.
• Interpret and translate complex regulatory requirements into clear and concise documentation.
• Continuously refine and update content in response to framework revisions or regulatory changes.
• Stay informed about industry trends, emerging regulations, and best practices related to compliance frameworks.
• Engage in collaborative efforts with internal teams (including sales, customer support, and marketing) to solicit feedback on content and actively identify market demand for various compliance frameworks.
• Effectively communicate content-related updates within OneTrust Platform.
• Address security and privacy inquiries related to specific compliance frameworks to enhance support for customers by addressing their needs regarding out-of-the-box content.
• Engage in internal brainstorming sessions and contribute to user acceptance testing for new product releases.
• Maintain thorough knowledge of OneTrust Platform and offer feedback on product features such as ERM, Compliance Modules, Policy Modules, Third-party Risk Management Module (TPRM) etc.
• Deliver training sessions to internal stakeholders as necessary on newly launched frameworks within the OneTrust platform.

You Are

• Bachelor's degree in a relevant field (e.g., Information Technology, Business Administration, Compliance).
• Minimum 4 years of experience in information security and privacy compliance, consulting, or research, spanning multiple industries.
• In-depth knowledge of various compliance frameworks such as SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR, NIST etc.
• Proven experience in developing content related to controls, policies, and risk management and working with any compliance management software.
• Strong analytical skills with the ability to interpret complex regulatory requirements.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively across teams.
• Detail-oriented approach with a focus on accuracy and quality.
• Demonstrated knowledge of key IT controls and risk assessment concepts.
• Understanding of audit practices and methodologies.
• Ability to manage multiple tasks concurrently.
• Relevant certifications (e.g., CISA, CRISC, CISSP, CIPP/E, CIPP/C, CIPP/US) preferred.