We are seeking an experienced Compliance Analyst to join our compliance team! The new team member will be responsible for assisting with the management of ClearGage’s compliance programs relating to third-party management, training, audit support, policy management, data mapping and privacy, data security, and other matters related to Fair Lending laws, HIPAA, and Payment Card Industry (PCI).
- Assist the Chief Compliance Officer with ensuring that compliance standards are developed, disseminated, and maintained across all functional areas of the business.
- Coordinate with members of the information security group to implement and sustain appropriate technical and procedural controls to support this objective.
- Build out and manage the Third-Party Service Provider program for ClearGage to include: conducting due diligence of all prospective third-party providers and partners, tracking and monitoring all third-party entities (vendors, subcontractors, etc.) engaged with ClearGage on an ongoing basis, conducting annual security reviews of all third parties engaged with ClearGage, conducting internal third-party inventory and data mapping exercises associated with all third parties, and monitoring and enforcing ClearGage’s standards with all third parties.
- Manage internal and external audits and risk analysis relative to Fair Lending, IT security, HIPAA, and PCI to ensure audits and/or risk analysis are scheduled, staffed, and completed effectively and to ensure appropriate evidence is collected in a timely manner.
- Investigate all audit exceptions and ensure exceptions are remediated in a timely manner.
- Manage the corporate compliance training program to ensure training is scheduled, assigned, and completed; research and add new training as new technology trends evolve.
- Assist with the development, maintenance, and monitoring of compliance with policies involving Fair Lending, HIPAA, IT, and other corporate policies. Help oversee security policy education/awareness across the organization.
- Monitor all changes to compliance standards and communicate all changes and how they affect the organization’s compliance status to appropriate teams.
- Stay abreast of emerging technology developments and security threats that factor into our compliance program and recommend new strategies and tools.
- Perform internal reviews of required procedures within the organization to help ensure responsible business units are maintaining and following procedures.
- Additional duties, as assigned.
- 4+ years of Information Security and Governance experience
- Working experience with Fair Lending, HIPAA, IT security and PCI DSS compliance assessments and audits
- Experience managing third-party service provider programs
- Experience managing corporate training programs
- Experience with process improvement and re-engineering
- Strong written and verbal communication skills
- Strongly detail-oriented and deadline-driven
- Strong self-management skills
- Ability to work in a fast-paced, autonomous, deadline-driven environment