Principal, Security Compliance Analyst - Compliance Enablement & Automation Team at OpenText in Scottsdale, Arizona

Job Description:

OPENTEXT - THE INFORMATION COMPANY

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

Opentext - The Information Company

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

The Opportunity:

The Principal, Security Compliance Analyst will have the opportunity to impact meaningfully contribute to the OpenText Compliance Program in accordance with ISO 27001, PCI-DSS, SOC1/2, HIPAA, SOC2+HITRUST, SOX and FedRAMP. The Principal, Security Compliance Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that supports the delivery of compliance certifications to support customer security requirements. This role will operate in OpenText's second line of defense within the overall IT control environment. In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders.

What You Are Great At:

• Drive control automation and support process improvement in the delivery of OpenText's Compliance portfolio.


• Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, delivering dashboarding & reporting metrics enabled.


• Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment.


• Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.


• Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the Open Text portfolio.


• Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks, compliance risk.


• Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.


• Participating in, or potentially leading, gap assessment, compliance readiness, and compliance monitoring activities.


• Developing metrics and dashboards for reporting on assigned compliance programs.


• Contributing to the ongoing strategy of enablement of technology through business intelligence and automation to support the compliance and control environment.


• Champion a process of continues improvement through effective tools and organizational change management.

What it takes to excel:

• 10+ years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks


• Experience with GRC Tools such as ServiceNow GRC.


• Experience with continues control monitoring programs and leading practices of control automation.


• A background of data analytic with tools such as Microsoft PowerBi.


• Strong technical, analytical, interpersonal, communication and writing skills.


• Competency in Compliance Program Management.


• Experience delivering compliance programs in GCP, AWS, Azure is a plus


• Detailed understanding of evaluating the design and effectiveness of controls and experience working with auditors/regulators for compliance assessments


• Experience leading preparation for and/or managing assessment activities (SOC 2, ISO 27001, PCI DSS, HIPAA/HITRUST, SOX, etc.) for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery


• Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.


• Experience with FedRAMP is a plus.


• Ability to work both independently and within a global team environment


• Demonstrated strength in working in a high change environment.


• Effective team collaboration plus the ability to coach and mentor others.


• Strong personal characteristics as demonstrated by the following: Owners mindset, achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.


• Required industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent


• Bachelor's Degree in Information Technology, Business, or related vocations.

At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of race, creed, color, national origin, ancestry, disability, marital status, sex, age, veteran status or sexual orientation. If you require accommodation at any time during the recruitment process please email accommodationrequests@opentext.com. Applicants have rights under Federal Employment Laws including but not limited to:Family and Medical Leave Act (FLMA),Equal Employment OpportunityandEmployee Polygraph Protection Act