Job Description

Introduction: Our goal at Pivotree is to help accelerate the future of frictionless commerce. We will help lead this change over the next decade because we believe a future where technology is embedded intimately into all aspects of our everyday lives can benefit everyone and will shape the interactions with the brands we love. We will help shape the future of frictionless commerce by working together with some of the best brands in the world and some of the best people in the industry to leverage converging technologies that will make it possible to accelerate frictionless commerce faster than ever. Pivotree provides services focused on the design, implementation, management, and maintenance of complex ecommerce solutions for large enterprises.
We provide the technical skills necessary to enable the effective use of technologies combined with the business context to leverage a solution to solve our clients' business challenges. We strive to fill the gaps in available technology with our own IP to reduce the barriers to adoption. We enable inclusive, immersive and highly personalized experiences for our clients and their customers. We build our products with a view to productizing and scaling technology to lower the costs and reduce the risks of implementing and managing our integrated solutions.
Each of our solutions starts with reliable and reputable e-commerce and MDM platforms, which run on enterprise grade infrastructure that are customized to meet a variety of client needs, situations, and budgets. Over the next 10 years we will add new categories and capabilities that will define frictionless commerce ecosystems. This is a journey of technology acceleration combined with consumer readiness and adoption. We are looking for people capable of adapting relentlessly to the rapidly evolving world around us.
Position Summary: As Compliance Analyst you would be a member of an agile team that is focused on how to maintain and iterate Cybersecurity policies and standards, evaluate control effectiveness, and comply with emerging laws and regulations at the scale and speed necessary to protect Pivotree's people, data, and reputation by ensuring information security best practices are implemented and followed. You will have the opportunity to influence the controls designed to manage, develop, deploy, and support security requirements globally, as well as evaluate the effectiveness over those controls. Roles & Responsibilities: . Researches and Evaluates security and IT financial compliance risk in order to factor that information into the development of security standards, procedures, and controls to manage that risk, with a mindset of continuous process improvement . Maintains central repository of Pivotree ISMS documentation, communicating and training staff on industry standards . Partners with stakeholders and customers across Pivotree's Business Units to harmonize policy and standard content . Proactively identifies and resolves issues in controls and determines new controls to be put in place to address gaps . facilitates third party external audits, such as, PCI, SOC1/2/3 and ISO 27001 . Monitors ever changing regulations to ensure Pivotree's controls remain in compliance . Delivers and assists other team members in risk identification and mitigation strategies, control documentation, evaluation of control design, evaluation of control operation, reporting of control deficiencies, and remediation strategies . Creates cyber security reports and dashboards to facilitate transparency and highlight the effectiveness of the cybersecurity program . Effectively communicates technical and non-technical content to diverse audiences Key Skills & Competencies: . A degree in Computer Science, Information Security, Cyber Security, Risk Management, or Information Technology or equivalent experience and accredited compliance management certification preferred . Interest in continual learning and willingness to invest time obtaining security certifications, such as, GSEC, CISA, CISM or CISSP . Understanding of Cybersecurity risk and governance standards, with NIST, ISO27001, SOC1/2 and PCI/DSS experience preferred . Previous experience as a compliance analyst in a related field . Excellent written communication skills, demonstrated ability to formulate compliance policies, procedures, and related documentation . Advanced analytical abilities . Effective research and professional networking skills . Detail focus, with the ability to accurately complete applications for compliance certification . Experience identifying and performing data classification with the intent to ensure appropriate control and authorization are present . Quantitative Risk Management: Experience implementing quantitative risk methodologies and integrating them into business activities . Third-Party Risk Management: Experience in completing 3rd party risk assessments . Experience creating and maintaining partnering relationships with business leaders at director and manager level with the capability to provide interaction and executive level communications Pivotree is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible workplace.