Compliance Analyst at Nintex

About the Role:

• The Compliance Analyst role is part of the Nintex Security Practice Team working with several globally located departments to coordinate and manage our Compliance Program. This is an operational and tactical role, responsible for defining the requirements for adhering to a compliance framework, preparing teams for becoming audit ready, manage the monitoring requirements for maintaining a successful compliance standing, and working with auditors to manage all audit activities. The Compliance Analyst will demonstrate excellent project management experience to plan and accomplish goals for multiple projects happening simultaneously while having a well-versed background in several compliance frameworks. 

Your contribution will be:

• Domain Knowledge and Documentation: The Compliance Analyst will manage and expand the Nintex Compliance Program and be responsible for the entire compliance lifecycle from gap analysis to audit complete. This includes preparing the company for new compliance frameworks. An essential part of the role will also include meticulous coordination of compliance gap analysis, remediation plans, audits, documentation, self-assessment and other audit activities. Moreover, the Compliance Analyst will enable and facilitate the development and maintenance of all relevant compliance documentation for training, awareness, and continuous operational effectiveness. This role will also be responsible for coordinating and reviewing all evidence gathering for Nintex audits. 
• Global Stakeholder Management: In this role the Compliance Analyst will be required to advise geographically separated departments (ex. Engineering, Corp IT, Product, Sales, Human Resources and Legal departments) on how to meet controls and maintain testing the effectiveness of those controls at all levels. The Compliance Analyst will train new and existing Nintex staff in compliance initiatives or audit interviewing techniques. In addition, the Compliance Analyst will facilitate third party audits associated with compliance requirements in the Risk Management Program and assist with the Vendor Risk Management reviews for evaluating vendor compliance reports and calculating the risk and impact to Nintex. 
• Adhere to Nintex Standards and Practices: The Compliance Analyst will assist the Nintex Governance and Risk Committee (GRC) in the writing, editing, and reviewing of the information security policies and guidelines. They will also support compliance integration activities for company acquisitions. 
• Risk Management and Mitigation: In this role, the Compliance Analyst will be expected to initiate the security reviews and risk assessment processes for new projects and technologies to ensure compliance. The role will also be responsible for providing timely advice and recommendations to relevant stakeholder groups on potential risks to Nintex and propose risk mitigation strategies for implementation globally or regionally. 

To be successful we think you need:

• Bachelor’s degree in an analytical based field such as engineering, computer science or finance preferable
• CISSP or other security-based certifications, such as CISM preferable
• Any technical certifications targeting Azure of AWS preferable
• Exposure to common compliance frameworks including SOC2 and ISO 27001 required
• Experience working remotely, and preferably with globally or regionally dispersed teams required
• General understanding of Cloud and Hybrid architectures, on either AWS or Azure required
• Strong project management skills and the ability to track and report on project status required