As a key member of the Security and Compliance team, reporting to the VP, Cloud Infrastructure, the Compliance Specialist ensures that Axonify establishes the appropriate policies and procedures to support its compliance and risk management efforts. They will perform regular assessments to validate controls are appropriate and operating effectively in accordance to customer and industry expectations. This also includes assessing data privacy compliance with privacy laws and regulations, vendor risks, system compliance to standards such as SOC2, ISO27001, ISO42001 and contractual obligations.
This is a 6 month contract opportunity.
\n
The impact you'll have:- Review security requirements and questionnaires from existing and potential customers.
- Ensure that policies meet SOC2, ISO27001 and other compliance regulations that the organization must adhere to
- Develop, updating, reviewing, implementing, maintaining and enforcing security policies, procedures and standards
- Align security procedures and standards with industry best practices such as NIST, ISO and CIS
- Stay up to date and informed on developing regulatory concerns and changing IT and information security trends
- Interface with IT and business partners to provide guidance and support.
Compliance Management
- Ensure compliance with requirements from existing and potential customers.
- Perform security and compliance assessments on new and existing systems, processes, technology
- Support internal and external audit process for relevant compliance concerns including SOC2, ISO27001 and ISO42001
- Work with various business units to ensure controls are adequate, appropriate, and effective
- Perform periodic gap assessments to validate compliance on an ongoing basis.
- Develop methodologies to audit, benchmark and report compliance status.
- Provide internal audit functionality and assist with external audits.
Risk Management
- Perform periodic security assessments on new and existing systems, processes, technology
- Support the organization’s vendor management processes by performing Vendor/3rd-Party Risk Assessments
What you'll bring:- 2+ years of experience with regulatory compliance standards such as SOC2 and others. Experience with IT governance, risk, and compliance management
- Deep understanding of Information Systems or Information Security gained through Post-Secondary education, experience or a combination of both
- Knowledge of information security best practices, and common risk framework examples including: NIST and ITIL. Knowledge of vulnerability management. Knowledge of Web Application protection and security. Knowledge of Network and Perimeter security (Firewalls, IPS, Routers, switches). Knowledge of Endpoint security solutions
- Strong personal organization and project management ability. Carries industry recognized certifications such as CISSP, CISA/CISM, SANS/GIAC, CompTIA Security + being an asset
- Builds bridges among development and solutions consulting teams to respond to RFP requests and achieve common goals
- Strong attention to detail and a commitment to quality service, high responsiveness, with good analytical and problem-solving abilities. Can operate autonomously and proactively seek out solutions to problems
\n
It's ok if your experience doesn't check every box! If you check off more than a few - great! We’d welcome a chance to get to know what you can bring, how you can add to our culture, and hear your unique story.
Work location:
This is an in-office position at our Waterloo, Ontario location. Let’s chat more about the working arrangement.
You will be provided with the tools, resources and support to ensure your success.
The things you’ll enjoy:
An impactful product that gives back to the communities and frontline workers that support our everyday lives.
People with great attitudes that lead to great results through our values: Empathetic, Bold, Innovative and Empowering.
A diverse team that celebrates unique perspectives and experiences that add richness to our culture.
Leaders that trust deeply who leverage our skills, adapt to us as individuals and encourage us to be our best selves.
OurPerks
Ready to join the team? Here’s what’s next.
Apply. Our Talent Acquisition team is committed to providing an outstanding experience throughout your journey with us. Learn more about Axonify by visiting us at www.axonify.com/careers
We believe our team’s unique life experiences, backgrounds, cultures, beliefs and abilities add richness to our culture and depth to our ideas. Our ongoing commitment to diversity and inclusion creates an environment that supports, empowers and delivers a sense of belonging for all members of the team.
We want to remove barriers that may limit you from joining Axonify. Email us at accessibility@axonify.com to let us know how we can provide you with reasonable accommodations through our candidate journey.