The Technology Compliance Analyst/Senior Analyst will be responsible for assessing Salesforce's security and compliance requirements, industry best practices, and customer commitments.
The role will support both the Vendor Assessment Program (VAP) and Technology Risk and Control Monitoring (TRCM) program.
The individual must have experience interacting with process owners, testing and documenting large control sets, handling inquiries from external auditors, and assessing security/compliance risk.
The role will be heavily focused on evaluating technology controls both internally and at our global vendors.
The vendor assessment process incorporates controls from a variety of assessment frameworks (e.g., SOC, ISO, FedRAMP, HIPAA, HITRUST and PCI) and is regularly updated to address upcoming industry risks.
**Responsibilities**:
- Support the implementation of the strategic vision for Technical Compliance that is aligned with the company's focus on trust.
- Evaluate new and evolving regulations programs.
- Assess potential regulatory changes for impact to technology compliance objectives.
- Translate regulatory requirements to internal business partners and drive alignment on compliance requirements.
- Plan and execute audits of the control environments of global vendors (Data Centers and Business Process Outsourcing (BPO)), focusing on technology controls.
- Support onsite vendor assessments in the U.S. and internationally.
- Assess vendors for compliance with contractual agreements and compliance requirements.
- Assess potential business changes for impact to compliance objectives.
- Perform controls testing, document results, and provide detailed updates to leadership, vendors, and other internal stakeholders.
- Proactively identify gaps or conflicts in existing processes and drive remediation of control deficiencies identified during the audit process.
- Assist with the education and training of process/control owners so they better understand the technology controls framework and their responsibilities.
- Support the implementation of the strategic vision for Technical Compliance that aligns to the company's focus on trust.
- Build strong relationships with business partners (Information Security/Security GRC, Internal IT, Legal, Engineering and Products team) and facilitate continuous improvement aligned with operational processes.
- Effectively communicate program execution status, key accomplishments, and risks to management both within the compliance center and to our business partners.
- Drive continuous improvement by interfacing with internal business partners and leveraging prior IT audit experience to add value.
**Experience and Qualifications**:
- At least 3 years of compliance, risk, IT operations or security experience, with supporting certifications (e.g., CISA, CRISC, CISSP). (Preferably with a Big 4.)
- Bachelor of Science degree in Management Information Systems, Computer Science, or a related technical field required.
- Experience in compliance and regulatory environments across industries and geographies, such as PCI, ISO27001, SOC, HIPAA, SOX, and FedRAMP, is desired.
- Experience developing, championing, and managing internal compliance programs.
- Familiarity with multiple technology "backbones" and related supporting infrastructure.
- Analytical thinker who is highly organized and pays close attention to detail.
- Strong written and verbal communication skills; ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the business.
- Ability to work efficiently with minimal direction and/or oversight, as well as part of multiple project teams simultaneously.
- A "whatever it takes to get the job done" attitude (i.e., pick up the phone, stop by a desk, follow-up multiple times) with comfort working in a fast-paced, dynamic environment.
- Passion for Salesforce, technology compliance, and delivering innovative programs that reinforce the Company's focus on trust.
**What we offer**:
- Health Insurance (HMO) & Life Insurance coverage from day 1 of employment
- Expanded maternity leave up to 120 days
- Expanded paternity leave up to 30 days
- Employee Stock Purchase Plan
- Loyalty and Christmas Gift
- Inclusion and Diversity Benefits
- Night Differential
- Allowances
- Car and Housing Plan
- Company-sponsored training, upskilling, and certification
- Flexible Working Arrangements
- Healthy and Encouraging Work Environment
**TERMS AND CONDITIONS**
**Additional Information**:
The following documents will be requested as part of the pre-hiring requirements prior to onboarding.
We recommend preparing the requirements early to ensure on-time onboarding.
A detailed discussion will take place during the onboarding process, along with any changes to the requirements as needed.
- Transcript of Records (TOR)
- Diploma (for graduates only) and/or Certificate of Graduation
- Certificate of Employment (COE) and/or SSS Employment History
- Gover