Senior Compliance Analyst

Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth.

WHAT YOU’LL DO:

As a cutting-edge technology company, we are searching for a talented Compliance Analyst to join our exceptional GRC team. Kaseya is a leader in delivering groundbreaking solutions that empower businesses to thrive in the digital age. You should be a technical leader who will build and maintain Compliance focused security controls. In this position, you will be responsible for assisting in the planning, coordinating, and executing Compliance audits & initiatives that improve Kaseya’s security posture. You will be responsible for assisting in audits, designing, implementing, and maintaining robust Compliance controls.

WHAT WE ARE LOOKING FOR:

The ideal candidate will work on a wide variety of interesting technical problems, operate at scale in an environment with over an exabyte of data, have opportunities to build a world class Compliance team, and operate with both autonomy and empowerment from senior leadership.

Prior experience as a security focused Compliance Analyst is required, the candidate must have experience and demonstrate capability in this domain. The Compliance Analyst must have effective communication and project management skills.

THE SCHEDULE: 

This position is 100% remote.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Assist in Compliance audits, build out audit/walkthrough plan, communication with Control Owners, External & Internal Auditors.

• Design & complete walkthroughs and tests of the operating effectiveness of controls across business units, product lines, and infrastructure, in support of SOC 2 audits and other compliance certifications.

• Prepare Control Owner and facilitate the audit readiness process for all audits including but not limited to SOC 2 audits.

• Collaborate with control owners to collect populations and samples for all audits.

• Communicate with the external auditor to schedule audit preparations, fieldwork, and reporting activities.

• Provide guidance and support for evidence collection, transformation, and normalization across a variety of Products, operating systems, applications, appliances, and networking platforms.

• Provide insight and recommendations regarding gaps and improvements in the design and operating effectiveness of controls.

• Assist in Project Managing the Compliance team initiatives, ensuring on time delivery.

• Collaborate with the teams in designing and streamlining audit procedures, project management solutions, and control period work.

• Learn, stay on top of upcoming, and apply applicable standards, frameworks, and interpretative guidance (e.g., attestation and auditing standards, SOC 2, NIST 800-53, ISO, COSO, FedRAMP & EUCS).

• Lead and collaborate with various geographically spread, cross-functional teams including IT, Product, Engineering, Architecture teams, Sales, Marketing, Finance and Legal.

• Ensure thorough documentation of controls, process, tickets, meetings, evidence collection.

• Work closely with other IT and security teams to ensure seamless integration and operation of Compliance team process and or tools.

• Perform other security-related duties as assigned.

• Limited off-hours support may be required.

• Limited travel may be required.

GENERAL QUALIFICATIONS AND EXPERIENCE

• 5 to 10 years of demonstrated ability in leading Compliance audits.

• Strong program management skills: ability to effectively lead teams, track commitments from Project Owners and SMEs, and supervise/lead self and others in responding to roadblocks, queries, work sessions, and meeting project timelines.

• Excellent leadership and team management skills, with the ability to inspire and motivate teams.

• Knowledge and experience working with Cloud technologies/environments, AWS, Azure, GCP or other related cloud experience is required.

• Familiarity with On-prem, Cloud, and Hybrid Cloud environments.

• Understanding of Request, Incident, and Change Management practices.

• Possess at least one recognized security Compliance certification, which demonstrates advanced expertise in designing, implementing, and managing premier cybersecurity risk programs.

• Strong understanding of Compliance principles, practices, and tools, with the ability to develop and implement effective procedures and corrective measures.

• Proficient in assessing, prioritizing, and addressing Compliance control issues, including handling escalations and providing consultation across business units.

WHAT YOU’LL BRING:

• Prior experience as a Compliance Analyst or similar role.

• Working understanding of SOC2, ISO27001, GDPR, modern Data Pipeline Design, Transformation and Normalization of Data and best practices.

• Ability to effectively lead teams with multiple projects in an extremely fast paced environment

• One or more certifications such as CISA, CISM, CISSP, CRISC, CIA, or CGEIT are desired.

• Can translate complex technical topics into easy-to-understand concepts fostering understanding and collaboration between technical and business stakeholders.

• Strong written and verbal communication skills, with a passion for documentation.

• Knowledge and experience working with Cloud technologies/environments, AWS, Azure, GCP or other related cloud experience is required.

• Self-starter and ability to perform independently and synthesize information from disparate sources.

• Ability to quickly demonstrate an understanding of internal security risks, security controls, business processes in a fast-paced environment.

• Proficiency with Atlassian products: Jira and Confluence.

• Strong work ethic and an insatiable desire to learn.

• Thrives in a team-based environment, leaving ego at the door.

• Solid organizational skills, including the ability to consistently meet project deadlines, while maintaining quality, attention to detail, and accuracy in work.

• As needed, develop and enforce policies, standard, procedures, methodologies, processes, and tools.

• Identify trends in need of a larger solution, beyond the scope of the immediate problem.

• Design and champion best practices within the organization.

• Solve complex and challenging problems with simple, maintainable, and scalable solutions.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.