Compliance Analyst

This is a fully remote position, open to applicants in India.

📋 Description

• Oversee process and compliance activities to establish and uphold top-tier compliance and security frameworks such as ISO, CSA, SSAE18 SOC, NIST, FDA, NIS, TISAX, and others.

• Emphasis on promoting uniformity across QAD in maintaining compliance controls and adhering to relevant regulatory compliance obligations in areas including Information Security, Service Management, Risk Management, Business Continuity Management, Privacy Management, and Quality Management System.

• Conducts gap analyses for compliance standards updates and assists functional teams in implementing necessary controls, as well as revising policies and procedures.

• Performs internal compliance audits and showcases controls during external compliance evaluations.

• Compliance Management: Oversees and executes internal process and security compliance audits.

• Participates in external compliance audits, presenting evidence and demonstrating controls.

• Manages customer audit inquiries and collaborates with global teams to gather and present evidence.

• Records audit observations and findings, following up with relevant parties to ensure closure of audit issues.

• Executes gap analyses for certification updates and implements necessary revisions.

• Ensures that process and policy documentation aligns with compliance control requirements.

• Collaborates with relevant business teams to implement outstanding controls and assist in updating policy/process documentation.

• Maintains registers related to compliance, such as Risk and Continuous Improvements.

• Delivers training as needed to global teams on various compliance frameworks.

• Aids business functions in conducting business impact analyses and maintaining business continuity plans.

• Works with global business functions to respond to third-party questionnaires.

• Actively enhances skills and knowledge pertaining to security and compliance standards and frameworks.

• Remains informed about changes in industry compliance and regulatory requirements.

⛳️ Requirements

• Bachelor’s degree in Engineering, Computer Science, IT, or related fields; ISO 27001 and ISO 20000 Lead Auditor certifications are preferred (or to be obtained within 12 months).

• More than 5 years of industry experience encompassing Compliance, Service and Security Management, and Cybersecurity best practices.

• Familiarity with leading compliance frameworks (e.g., CSA STAR, SSAE18 SOC 1 / SOC 2, ISO 27001, ISO 20000, ISO 9001, FDA, NIST, NIS 2, TISAX, etc.).

• Experience with the compliance audit process.

• Skills in delivering process training.

• Understanding of System/Network security and business operations.

• Knowledge of Project Management methodologies, training material preparation, and proficiency in spreadsheets is preferred.

• Strong business procedure writing capabilities.

• Excellent analytical and problem-solving skills.

• Customer service orientation and proven ability to thrive in a fast-paced environment.

• Effective communication skills with the ability to manage sensitive matters with tact and diplomacy.

• Ability to work independently.

• Capable of exercising judgment and discretion while applying company policies and practices to determine appropriate actions.

🏝️ Benefits

• Your health and well-being are a priority for us at QAD.

• We offer programs designed to help you maintain a healthy work-life balance.

• Opportunity to be part of a growing business that is entering its next phase of expansion and transformation.

• A collaborative culture filled with intelligent and diligent individuals who support each other to achieve goals.

• An environment of growth and opportunity, where sharing ideas takes precedence over hierarchy.