Senior Compliance Analyst

  • Location: Chicago
  • Department: Security
  • Work Status: Full-time

Overview

At Relativity, we make software to help users organize data, discover the truth, and act on it. Our e-discovery platform is used by more than 13,000 organizations around the world to manage large volumes of data and quickly identify key issues during litigation, internal investigations, and compliance projects.

Here you can own your career in a community of values-driven people who help our customers around the world solve complex data challenges. If this sounds like the place for you, check out the details of this position below.

The Senior Compliance Analyst role is responsible for the ownership and maturation of the risk assessment and conformity measurement practices for our Information Security, Risk and Privacy Program.  An ideal candidate will be an experienced (internal or external) IT auditor, ISO auditor or FedRAMP tester who is accustomed to working within a rapidly growing company experiencing ongoing change.

Role Responsibilities

  • Maintain internal control standards related to ISO 27001, SOC 2 (Type 2 – SSAE18), NIST 800-53 v4, CSA, FedRAMP, FISMA, GDPR, HIPPA/HITRUST
  • In an environment of continual process improvement, facilitate ongoing updates of overall policies, procedures and controls, as appropriate for discussion with management
  • Assist in creating and maintaining information security policies, including technical and administrative policies and related enterprise and role-based training plans
  • Develop compliance metrics and dashboards for presentation to Executive team members
  • Develop risk and security assessments based on Governance, Risk and Compliance requirements for discussion with management as appropriate
  • Respond to security and compliance related questions from internal process owners and existing customers
  • Conduct supplier compliance reviews of SOC 2, Type controls and/or related certifications

Preferred Qualifications

  • Experience working with and maintaining framework relationships in a GRC system
  • Experience with FISMA/FedRAMP compliance and NIST 800-53 security controls
  • Experience with review of or participation in SSAE 16/SOC audits
  • Relevant security or security audit and compliance certifications (i.e. CISA, CISSP, CCSP, Sec+)
  • Knowledge of secure software development lifecycle (SSDLC) methodology
  • Knowledge of secure supplier categorization, vendor performance rating, nonconformance reporting. Familiarity with C-SCRM is a plus.
  • Experience using Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint etc.) preferred
  • Ability to identify personnel and process-sourced risks to our organization and identify behaviors we need to change to mature our security posture.
  • Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply required behavioral changes to reduce risk

Minimum Qualifications

  • Bachelor’s degree or equivalent experience
  • Five years’ information technology experience with a minimum of two years in a compliance role
  • Participation with  third-party audits
  • Knowledge of security concepts and practices in addition to confidentiality, integrity, availability and privacy security principles
  • Motivated self-starter capable of working independently while also collaborating with other team members
  • Articulate speaker and comfortable communicating complex security and compliance related topics

About Relativity

Relativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

How We #ActOnIt

Connect With Us

Not ready to apply? Connect with us for general consideration.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.