Policy & Compliance Analyst
Ziply Fiber
full-time
Posted on:
Location Type: Remote
Location: Remote • Idaho, Montana, Oregon, Washington • 🇺🇸 United States
Visit company websiteSalary
💰 $80,768 - $103,084 per year
Job Level
JuniorMid-Level
Tech Stack
Cyber Security
About the role
- Administer the policy lifecycle, including drafting, coordinating reviews, publishing, and updating security policies.
- Collaborate with Legal, IT, and Security to ensure policies align with business and regulatory requirements.
- Maintain centralized documentation for audits, assessments, and regulatory reviews.
- Assist in preparing and organizing policy and evidence documentation for internal and third-party audits.
- Monitor regulatory developments and assist in aligning internal practices accordingly.
- Assist in monitoring organizational adherence to internal policies and procedures.
- Track and report on compliance and policy enforcement metrics.
- Arranges, conducts and monitors compliance testing, audits, and investigations.
- Provides ongoing monitoring of compliance information systems and processes.
- Informs supervisor of any compliance violations.
- Reviews internal systems, controls, and processes and identifies ways to resolve regulatory gaps and deficiencies.
- Assists with the implementation of new and updated compliance systems, standards, processes, procedures, and policies.
- Ensures compliance with all local, state, and federal laws and regulations as well as company policies, procedures and internal controls.
- Support compliance initiatives across departments by providing guidance and training.
- Generates analyses and reports containing results of compliance testing to management.
- Develops, maintains, and delivers compliance training content and programs.
- Performs other duties as required to support the business and evolving organization.
Requirements
- Bachelor of Science (BS) in Computer Science, Information Technology, Risk Management, Legal Studies, Business, or a related field.
- Minimum of two (2) years in a policy, audit, or compliance analyst role.
- Strong understanding of risk frameworks such as:
- o National Institute of Standards and Technology Cybersecurity Framework (NIST CSF).
- o NIST Special Publication 800-171.
- o International Organization for Standardization ISO 27001.
- o Service Organization Control 2 (SOC 2).
- o Sarbanes-Oxley Act (SOX).
- Direct experience managing regulatory requirements such as:
- o Payment Card Industry Data Security Standard (PCI-DSS).
- o NIST guidelines.
- Experience contributing to cross-functional compliance projects or initiatives.
- Familiarity with Governance, Risk, and Compliance (GRC) platforms or compliance tracking systems.
- Familiarity with legal hold processes, third-party risk management, and incident response documentation.
- Familiarity with business continuity and incident response concepts and procedures.
Benefits
- Medical
- Dental
- Vision
- 401k
- Flexible spending account
- Paid sick leave and paid time off
- Parental leave
- Quarterly performance bonus
- Training
- Career growth and education reimbursement programs
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
policy lifecycle managementcompliance testingaudit documentationrisk frameworksNIST CSFISO 27001SOC 2SOXPCI-DSSGRC platforms
Soft skills
collaborationcommunicationorganizational skillsanalytical skillstraining developmentproblem-solvingattention to detailreportingmonitoringguidance