Compliance Analyst

We are seeking an experienced Compliance Analyst to join our compliance team! The new team member will be responsible for assisting with the management of ClearGage’s compliance programs relating to third-party management, training, audit support, policy management, data mapping and privacy, data security, and other matters related to Fair Lending laws, HIPAA, and Payment Card Industry (PCI).

 

Responsibilities:

  • Assist the Chief Compliance Officer with ensuring that compliance standards are developed, disseminated, and maintained across all functional areas of the business.
  • Coordinate with members of the information security group to implement and sustain appropriate technical and procedural controls to support this objective.
  • Build out and manage the Third-Party Service Provider program for ClearGage to include: conducting due diligence of all prospective third-party providers and partners, tracking and monitoring all third-party entities (vendors, subcontractors, etc.) engaged with ClearGage on an ongoing basis, conducting annual security reviews of all third parties engaged with ClearGage, conducting internal third-party inventory and data mapping exercises associated with all third parties, and monitoring and enforcing ClearGage’s standards with all third parties.
  • Manage internal and external audits and risk analysis relative to Fair Lending, IT security, HIPAA, and PCI to ensure audits and/or risk analysis are scheduled, staffed, and completed effectively and to ensure appropriate evidence is collected in a timely manner.
  • Investigate all audit exceptions and ensure exceptions are remediated in a timely manner.
  • Manage the corporate compliance training program to ensure training is scheduled, assigned, and completed; research and add new training as new technology trends evolve.
  • Assist with the development, maintenance, and monitoring of compliance with policies involving Fair Lending, HIPAA, IT, and other corporate policies. Help oversee security policy education/awareness across the organization.
  • Monitor all changes to compliance standards and communicate all changes and how they affect the organization’s compliance status to appropriate teams.
  • Stay abreast of emerging technology developments and security threats that factor into our compliance program and recommend new strategies and tools.
  • Perform internal reviews of required procedures within the organization to help ensure responsible business units are maintaining and following procedures.
  • Additional duties, as assigned.

Requirements/Experience:

  • 4+ years of Information Security and Governance experience
  • Working experience with Fair Lending, HIPAA, IT security and PCI DSS compliance assessments and audits
  • Experience managing third-party service provider programs
  • Experience managing corporate training programs
  • Experience with process improvement and re-engineering
  • Strong written and verbal communication skills
  • Strongly detail-oriented and deadline-driven
  • Strong self-management skills
  • Ability to work in a fast-paced, autonomous, deadline-driven environment