Compliance Engineer

Overview: - Role in Compliance Team to support security manager in maintaining and expanding company's compliance programs. - Responsible for managing day-to-day compliance activities, working with internal teams, and liaising with external auditors and regulatory bodies. - Ensuring company meets and exceeds regulatory standards, including PCI DSS, SOC-1, SOC-2, SOC-3, ISO certifications, and data privacy frameworks. Key Responsibilities: - Compliance Program Development and Maintenance: - Assist in building and maintaining the company’s comprehensive compliance program. - Design, implement, enforce, and improve internal policies, procedures, and controls to meet regulatory requirements. - Develop a roadmap for compliance with emerging standards and customer expectations. - Maintain documentation of the compliance program and update as needed. - Compliance Program Support: - Support internal teams in compliance with security and privacy controls, regulations, and standards. - Prepare and coordinate audits, gather documentation, and facilitate discussions between auditors and internal teams. - Assist in remediation of audit findings and monitor effectiveness of corrective actions. - Cybersecurity Responsibilities: - Maintain a robust cybersecurity framework aligned with NIST, CIS Controls, and other standards. - Identify and analyze potential security threats, vulnerabilities, and risks. - Participate in cybersecurity incident response efforts and report on security breaches or data privacy incidents. - Ensure compliance with security-related frameworks and participate in risk assessments. - Compliance Monitoring and Reporting: - Monitor compliance with internal controls and regulatory requirements. - Track and report on the status of compliance activities, initiatives, and projects. - Develop and maintain compliance metrics. - Training and Awareness: - Support creation and delivery of compliance training programs. - Promote a culture of compliance throughout the organization. - Risk Assessment and Incident Management: - Conduct risk assessments related to compliance and security. - Support security manager in responding to security and data privacy incidents. - Regulatory Updates and Continuous Improvement: - Stay informed of changes to regulatory requirements and industry standards. - Collaborate with cross-functional teams for continuous improvements in the compliance program. Requirements/Skills/Qualifications: - Bachelor's degree in information security, compliance, or related field. - 2+ years of experience in a compliance role, preferably within the technology or software industry. - Experience with PCI DSS, SOC, ISO, GDPR, CCPA, or other data privacy laws. - Strong understanding of regulatory compliance and industry standards. - Excellent organizational skills, problem-solving skills, and communication skills. - Ability to manage multiple projects and stay updated on regulatory changes. Compensation & Benefits: - $70,000 - $70,000 a year - Health and dental, 401k with company match. - Up to 4 weeks paid bonding leave. - Free subscription to the Calm App. - Tuition reimbursement. - Robust Employee Assistance Program. - Quarterly awards based on peer nominations. - Opportunities to participate in charitable events and give back to the community. Company Culture: - Lay back but buttoned up environment. - Remote-first Global Work Community. - Flexible Time Off policy or generous PTO plan. - Recognized as one of the Best Places to Work in New Jersey. - Equal opportunity employer.