Security and Compliance Analyst at All Campus
All Campus partners with leading, traditional institutions of higher education to expand online enrollment. We provide the up-front marketing investment, expertise, and service level required for success. Guided by our experience interacting with students from a wide variety of fields and backgrounds, we create a customized, specialized service offering to capture any audience. Our extensive list of clients includes the University of Southern California, the University of Arizona, the University of Florida, Purdue University, Boston University, DePaul University, Michigan State University, and many others.
We offer one of the most unique working environments you’ll find in Chicago - the quirkiness of a creative agency and the analytical mindset of a consulting firm. We are looking for team players who are highly motivated to deliver exceptional results for a growing organization. The ideal candidate is someone who enjoys coming up with new ideas, is comfortable communicating them to a variety of stakeholders and other managers, and who is excited by the prospect of working constantly to improve performance. Put simply, we genuinely like working with one another, and it shows—All Campus has been listed a Chicago Crain’s “Best Places to Work,” three years in a row (2018-2020) as well as a top-20 ranking on the 2019 and 2020 Built In Chicago “Best Places to Work” list.
At All Campus, the passion and talent our employees bring to work every day are at the core of our continued success as a company. The company culture emphasizes diversity, excellence, integrity, appreciation, collaboration, creativity and camaraderie. We are committed to fostering your professional growth, as well as doing everything we can to keep you happy, healthy, and passionate about the work you do. Our competitive and comprehensive benefits package includes health coverage, retirement planning, and work-life balance benefits—in addition to plenty of perks like free food, lively parties, and Summer Friday hours.
We are seeking a knowledgeable and proactive Security and Compliance Analyst who will be responsible for the development and monitoring of All Campus' security, compliance and privacy related obligations and activities. As a Security and Compliance Analyst, your duties will include training employees on industry standards, developing policies, and evaluating compliance. To be successful in this role, you should possess extensive experience in advising organizations on industry requirements and standards.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
-Work directly with teams to develop and maintain auditable procedures to ensure on-going compliance
-Create and maintain tools and documentation in support of current controls, policies, standards, and procedures related to various compliance obligations
-Recommend improvements to teams and departments based on observation, sampling, and/or audit findings
-Establish and manage compliance project plans and escalations, issue/resolution processes, and requirements prioritization process
-Articulate compliance goals and initiatives effectively to gain buy-in, trust, and collaboration from internal leadership, product development teams, and operations teams
-Collaborate regularly with leadership to address emerging compliance requirements
-Guide, implement and manage all information security practices and compliance across the organization
-Establish and drive the framework for operational controls and certifications
-Improve the security, audit-ability and compliance of our production and software development environments
-Work with teams and manage effective action plans in response to audit discoveries and compliance violations.
-Regularly audit company procedures, practices, and documents to identify possible weaknesses or risk.
-Ensure all employees are educated on the latest regulations and processes.
-Develop and implement plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure; adheres to emergency data processing needs.
EXPERIENCE AND EDUCATION: an equivalent combination of education, training and experience will be considered.
-Brilliant oral and written communication skills.
-Highly-analytical with strong attention to detail.
-In depth understanding of SaaS/cloud infrastructure security models and best practices (i.e IAM).
-Experience of security issues in a continuous software development/deployment environment.
-Self-motivation and the ability to work under minimal supervision
-Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication.
-3+ years experience in a compliance role managing HIPAA, SOC2, GDPR, etc
-Ability to cultivate relationships with colleagues, customers, and prospects.
-Strong problem solving, analytical skills, organizational, and project management skills
-Experience managing compliance audits (from SOC2 to Privacy and all things in-between) and coordinating compliance programs
-SOC2 AICPA Trust Service Principles implementation experience
-Practical working knowledge of compliance frameworks and certifications which includes, but is not limited to HECVAT, SOC2, CCPA
You will be tasked with the planning and coordination of operational activities at the company to ensure that everything meets the companies security and compliance goals. This will include implementing training, recording violations and doing more necessary research regarding regulations. You will have to work closely with other department heads to make sure that all departments remain compliant.