Sr. Compliance Operations Analyst, Data and Regulatory

We offer a hybrid work environment. Most US-based positions can also be performed remotely (any exceptions will be noted in the Minimum Qualifications below.)

Our Mission:

To actively connect people to their next great opportunity.

Who We Are:

ZipRecruiter is a leading online employment marketplace. Powered by AI-driven smart matching technology, the company actively connects millions of all-sized businesses and job seekers through innovative mobile, web, and email services, as well as through partnerships with the best job boards on the web. ZipRecruiter has the #1 rated job search app on iOS & Android.

Summary:

We are looking for an experienced Sr.Compliance Operations Analyst who will contribute to the ongoing development of the technical and regulatory compliance function at ZipRecruiter. This role will join the Compliance Team (reporting up through the Legal Team) and be responsible for coordinating and executing internal and external compliance activities. Equally importantly, the Sr. Compliance Operations Analyst will be expected to optimize and simplify compliance processes, striving to make compliance as accessible as possible to all teams.

A strong candidate will be knowledgeable about industry-standard compliance frameworks, such as SOX and SOC 1/2, have a data-driven mindset, and be capable of tracking down information to respond to audit and compliance needs. Managing short and long term projects and sets of tasks is a core part of this role. Additionally, the role will include preparing materials for internal and external sharing, which requires attention to detail, understanding one’s audience, and an eye for a polished presentation. The Sr. Compliance Operations Analyst will need to juggle multiple projects at any one time, be willing to own certain internal controls, and be conscious of any deadlines. Following rules and process is an important part of the role, but so is using good judgment.  

In addition, a great Sr. Compliance Operations Analyst will have excellent people skills. Kind, respectful interaction with both internal and external parties is an integral part of our culture. This position also requires clear and concise writing and communication skills to keep everyone aligned via different channels. We are seeking a candidate with all of these skills who will also be sensitive and welcoming to a wide diversity of cultural and technical backgrounds that we encounter in our global business.

Key Focuses:

• Lead, coordinate and drive compliance projects and tasks to completion in partnership with Internal Audit and other departments
• Manage responses to internal and external audit requests, including document and evidence retrieval and preparing presentation materials
• Develop corrective action plans and perform risk assessments for deficient controls, as needed
• Collaborate with Control Owners to proactively identify gaps, mitigate risks, provide suggestions for remediation, and ensure high-quality remediation evidence is delivered
• Coordinate timely annual retrieval of SOC 1 Type 2 reports and Bridge Letters, prepare SOC 1 Type 2 Report review templates, and coordinate annual review with business process stakeholders
• Manage the quarterly user access review process, partnering with IT and other system owners to review system roles, investigate exceptions, and review and submit documentation to meet compliance obligations
• Provide training and guidance to stakeholders and Control Owners to ensure they understand their role and responsibilities. Proactively identify opportunities for policy and process improvements, working with cross-functional teams to create and maintain high-quality documentation, and conduct regular reviews and updates
• Build strong working relationships with the Legal, Internal Audit, IT, Accounting, People/HR, Engineering, Product and Security teams to support compliance efforts 
• Partner with cross-functional stakeholders to proactively monitor business, system, and process changes to assess new risks, recommend new controls or updates to existing controls, and support implementation efforts 
• Partner with stakeholders to design and implement new or additional internal controls, as needed
• Recommend automation, improvements, or optimizations to the technical compliance process, partnering with technical team leads to built, tested, and launch such features, in accordance with internal and external standards and controls
• Serve as a trusted compliance advisor, making compliance processes accessible and manageable for internal teams
• Proactively track compliance deadlines, scheduling alignment meetings in advance to ensure preparedness
• Embrace the ZipRecruiter culture, an open and data-centric approach to collaboratively making decisions
• Adapt to evolving business needs by taking initiative in new compliance areas as they arise

Minimum Qualifications:

• 5+ years of hands-on experience in a technical compliance role
• Deep understanding of IT control frameworks (COBIT, NIST, ISO 27002, etc.)
• Working knowledge of Sarbanes-Oxley, SSAE18/SOC Reporting
• Solid understanding of security, privacy, and regulatory frameworks (ISO 27001, NIST 800-171, CMMC, PCI-DSS)
• Practical experience with control design and implementation, as well as issues remediation and risk assessments, including developing and effectively communicating requirements to stakeholder groups 
• Experience collaborating with internal and external auditors on topics including, but not limited to, control design, issue remediation & risk assessment, and SOC 1/2 reporting
• Proven ability to multitask, independently manage multiple projects, prioritize competing deadlines, and deliver results under tight timelines , with a track record of exceeding expectations
• Proven ability to problem solve ambiguous business issues with limited information. The right candidate will be comfortable reaching out to and working with cross functional teams to articulate the problem statement and brainstorm solutions to address identified issues
• Demonstrated attention to detail, especially with regard to communications and requirements
• Experience in practicing professional skepticism in reviewing documentation and articulating rationale for conclusions reached. Additionally, ensuring documentation reviewed is complete and accurate
• Previous experience establishing processes and influencing others to engage in the process
• Proficiency in MS Office, G-Suite tools (Google Docs, Sheets, Slides, Calendar), and AuditBoard
• Exceptional at working as part of a team and independently in a fast-paced, constantly evolving environment

Preferred Qualifications:

• Technology industry experience
• Experience collaborating with stakeholders in multiple disciplines, including but not limited to, Product, Engineering, Accounting/Finance, Internal Audit, People, etc.
• Professional audit, risk, or compliance certifications (CPA, CRMA, CIA, CISA)
• Working knowledge of Service Organization Control 2 (SOC 2) process and controls
• Experience working with AWS, GitHub, SalesForce, SaaS ERP, GL and reporting tools and systems
• Advanced proficiency in AuditBoard and Jira
• Have worked in a Sr. Compliance Operations Analyst or similar role at another technology company and/or as an external auditor in an accounting firm

As part of our team you’ll enjoy:

• Competitive salary
• Exceptional benefits package
• Flexible Vacation & Paid Time Off
• Employer-matched 401(k) plan

#LI-Remote

The US base salary range for this full-time position is $82,500 - $127,500. Our salary ranges are determined by role, level, and location, and the range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location, role-related knowledge and skills, depth of experience, relevant education or training, and additional role-related considerations.

Depending on the position offered, equity, bonuses, commission, or other forms of compensation may also be provided as part of a total compensation package, in addition to a full range of medical, financial, and other benefits.

ZipRecruiter is proud to be an equal opportunity employer and provides equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or genetics.

Privacy Notice: For information about ZipRecruiter's collection and processing of job applicant personal data for this job, please see our Privacy Notice at: https://www.ziprecruiter.com/careers/job-applicant-privacy-notice