Senior Compliance Analyst
- Maintain internal control standards related to ISO 27001, SOC 2 (Type 2 – SSAE18), NIST 800-53 v4, CSA, FedRAMP, FISMA, GDPR, HIPPA/HITRUST
- In an environment of continual process improvement, facilitate ongoing updates of overall policies, procedures and controls, as appropriate for discussion with management
- Assist in creating and maintaining information security policies, including technical and administrative policies and related enterprise and role-based training plans
- Develop compliance metrics and dashboards for presentation to Executive team members
- Develop risk and security assessments based on Governance, Risk and Compliance requirements for discussion with management as appropriate
- Respond to security and compliance related questions from internal process owners and existing customers
- Conduct supplier compliance reviews of SOC 2, Type controls and/or related certifications
- Experience working with and maintaining framework relationships in a GRC system
- Experience with FISMA/FedRAMP compliance and NIST 800-53 security controls
- Experience with review of or participation in SSAE 16/SOC audits
- Relevant security or security audit and compliance certifications (i.e. CISA, CISSP, CCSP, Sec+)
- Knowledge of secure software development lifecycle (SSDLC) methodology
- Knowledge of secure supplier categorization, vendor performance rating, nonconformance reporting. Familiarity with C-SCRM is a plus.
- Experience using Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint etc.) preferred
- Ability to identify personnel and process-sourced risks to our organization and identify behaviors we need to change to mature our security posture.
- Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply required behavioral changes to reduce risk
- Bachelor’s degree or equivalent experience
- Five years’ information technology experience with a minimum of two years in a compliance role
- Participation with third-party audits
- Knowledge of security concepts and practices in addition to confidentiality, integrity, availability and privacy security principles
- Motivated self-starter capable of working independently while also collaborating with other team members
- Articulate speaker and comfortable communicating complex security and compliance related topics
Relativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.