Product Compliance Analyst
SailPoint is the leader in identity security for the cloud enterprise. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, ensuring workers have the right access to do their job - no more, no less.
The Product Compliance Analyst position will support the long-term compliance strategic goals for SailPoint. This role requires analytic work, developing and implementing processes and executing strategies that leverage the understanding of various markets and compliance frameworks to drive profitable growth, while working in partnership with the Product and Sales teams to analyze compliance outliers and requirements. You may be requested to present analysis to other members of the organization. The nature of this position requires collaboration with teams across the organization, at all levels with varying levels of technical acumen, as well as contact with outside client representatives, vendors, auditors, and other business-related representatives.
Responsibilities:
This position will require a general working knowledge of the most common security and regulatory control frameworks in various markets as well as being familiar with the processes required to develop, test, promote and secure all SailPoint products and services.
This role will be responsible for, but not limited to, these activities:
- Support and drive product compliance strategy and policy implementation as it relates to products and business initiatives.
- Act as one of SailPoint's subject matter experts regarding compliance requirements and control frameworks.
- Research standards and compliance frameworks; this may include interfacing with outside parties
- Develop and maintain a compliance product matrix
- Lead the effort to unify controls where and if applicable
- Assist with the maintenance of compliance controls and documentation
- Engage with various teams to create or improve processes.
- Identify risks and possibly assist with the development of risk treatment plans.
- May assist with customer (existing and prospective) questions and requests
- Assist in the federal compliance efforts, as required.
- Perform additional compliance tasks/duties as required.
Requirements:
- Proven track record working in compliance, product management, regulatory affairs, or related positions.
- Strong understanding of control frameworks and controls, as well as industry and regional regulatory guidelines and best practices (e.g., SOC 2, ISO 27001, ISO 27018, ISO 27701, NIST, PCI and similar compliance/regulatory frameworks).
- Strong experience researching, evaluating, interpreting, developing, maintaining, and communicating complex regulatory/compliance standards and ability to keep abreast of new regulations and key issues globally.
- Ability to identify compliance opportunities, gather and analyze information and form compliance strategy recommendations
- Organization, project management, and strategic planning skills
- General knowledge of IT systems, AWS/Azure Infrastructure, Security, SDLC and DevOps
- High professional standards and values with a demonstrated commitment to corporate responsibility.
- Strong written and verbal communication and presentation skills. Ability to partner with stakeholders across a breadth of technicality from engineers to customers to senior leadership
- Ability to work independently and with team(s)
- Ability to use sound judgment when making decisions under conditions of uncertainty
- Detail-oriented with the ability to prioritize multiple, competing tasks within a projected timeline
- Excellent communication, coordination, and negotiation skills
- Critical thinking and problem-solving skills.
- Positive and open communication with company management and teams.
- Demonstrated ability to build strong working relationships with key internal and external stakeholders
- Willingness and ability to learn new skills
- Ability to learn quickly in a fast-paced and changing environment.
- Team player
Preferred:
- Bachelor's degree in relevant field.
- Demonstrable experience supporting compliance certification programs a plus
- Experience working for a Cloud Service Provider or in professional services a plus
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), CSP-specific (i.e., AWS Cloud Practitioner), Project Management Professional (PMP) a plus.
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.