Relativity

Returning Candidate?

Compliance Analyst

Compliance Analyst

Job Location 
US-IL-Chicago
Req. # 
2017-EH-ENG-0032
Type 
Full-Time
Department 
Security
Sub-Department 
Software Security

MORE INFORMATION ABOUT THIS JOB

Overview

At Relativity, we make great software that helps users organize data, discover the truth, and act on it. Our product is used by more than 13,000 organizations around the world – in the cloud, on-premises, or both – to manage large volumes of data.

 

Here you can own your career in a community of values-driven people who help our customers around the world solve complex data challenges. If this sounds like the place for you, check out the details of this position below.

 

 

 

Relativity ODA is a global company with team members who are driven by our customers to build exceptional software for them to use every day. Our SaaS product, called RelativityOne, handles large volumes of data and helps corporations, law firms, and government agencies solve their own unique data problems. 

 

The way we work together is centered on our core values of collaborating, communicating, pushing to exceed expectations (even our own), being humble, and having fun while we do it. We enjoy ourselves, give back, and work (and play) hard together. If this sounds like the place for you, check out the details of this position below. 

 

The Compliance Analyst reports to the Senior Compliance Manager and will coordinate efforts within Relativity ODA and with partners. The successful candidate will help to expand, improve and sustain our success in maintaining our Information Security management standards in partnership with many Relativity ODA departments as we extend our offerings globally and across industries.

Responsibilities

Under the direction of the Senior Compliance Manager, evaluate and improve ongoing security and control effectiveness, including:

  • Responsible for coordinating the effective and efficient tracking of Information Security Management program and compliance related activities such as reviews, evidence tracking, performance monitoring, risk assessments, risk monitoring reporting and attestation/certification results
  • Responsible for the creation, coordination and/or retention of InfoSec Committee related documentation, including but not limited to oversight and committee materials, meeting minutes, procedures, policies, risk registry, testing results, security roles/permissions and other documentation as assigned
  • Build and recommend enhancements to the Information Security Management program and workflow tools
  • Perform control testing and process audit, operational process reviews and review of system implementations and applications
  • Champion process re-engineering by challenging the status quo of current processes and suggesting improvements or alternatives
  • Coordinate deployment and measurement of information security control standards across Relativity departments and partners as appropriate
  • Monitor and manage corrective action plans to ensure that any nonconformities are fully understood, accurately defined and actively managed
  • Maintain accurate log files and audit artifacts in a system of record 
  • Participate in the Information Governance function  
  • Assist with research and interpretation of standards and compliance regulations and procedures 
  • Assist with the development of policies and procedures and workflows 
  • Develop training for relevant procedures  
  • Align individual goals to Risk and Compliance team goals with S.M.A.R.T. objectives.
  • Recognize opportunities to balance risk and creativity in quickly responding to business / technical opportunities.

Qualifications

  • Three years of experience auditing and/or monitoring the effectiveness of information security and technology risks, processes and controls
  • Three years of experience with auditing standards and frameworks (e.g. COBIT, ISO 27001, NIST 800), industry guidelines and laws (e.g. Sarbanes-Oxley Act, SOC 2 TRUST Principles, FedRAMP) and privacy concepts (EU Data Privacy Directive, HIPAA) helpful, but not required
  • Experience with outside auditors
  • Demonstrated knowledge of key principles of information technology general controls, including change management, access to programs and data, segregation of duties, asset management, computer operations, encryption practices and secure systems development.
  • Current CISA (Certified Information Security Auditor) and / or CISSP (Certified Information Systems Security Professional) and / or CCSK (Certificate of Cloud Security Knowledge) and / or other security certifications helpful, but not required
  • Must be able to work in a collaborative team environment with individuals at varied levels of the Company
  • Understanding of continual improvement concepts and ability to effectively incorporate those skills into day-to-day work
  • Good verbal and written communication, facilitation, and interpersonal skills
  • Advanced knowledge of Microsoft Office software applications is preferred (Word, Excel, Outlook, Access)
  • Experience with and / or implementation of tools for managing Governance, Risk and Compliance activities is desirable (e.g., Archer, Service Now GRC, Workiva, Jira, etc.)

About Us

Our software has more than 150,000 active users in more than 40 countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and more than 195 of the Am Law 200. We have grown significantly over the last several years and continue striving to build software that helps solve our customers’ toughest e-discovery and unstructured data challenges.

 

If you’re ready to grow with us, we’d love to hear from you.

 

ABOUT KCURA

Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.