THE OPPORTUNITY:
This remote opportunity is an existing vacancy open to candidates residing anywhere in the United States and Canada.
The Compliance Engineer will have a global responsibility in the organization to maintain and approve the processes and procedures needed to meet current and future client needs across the suite of solutions offered by VelocityEHS. The individual with work with teams across all of VelocityEHS’s operations to ensure that appropriate processes are documented with adequate controls and segregation of duties to meet or exceed industry standards such as ISO27001/2. Understanding of IT and business processes and the ability to communicate effectively cross functionally are critical to the role. The Compliance Engineer will need to have experience interfacing with external audit staff to complete timely external examinations and report generation. Additionally, the Compliance Engineer will be responsible for an ongoing, continuous audit cycle with dynamic improvements to aid business stakeholders efficiently and effectively meet objectives.
Primary Duties and Responsibilities
- Manage controls and documentation for ISO27001/2 examinations for VelocityEHS solutions.
- Manage an internal audit plan that includes monthly, quarterly and semi-annual reviews of key control activities to maintain on-going compliance
- Maintain relevant IT policies and guidelines in line with current industry standards (e.g. NIST 800-53, ISO 27001/2, CIS)
- Maintain documented processes and procedures used by teams in meeting compliance objectives
- Assist in project manage remediation efforts for areas of opportunity identified during examinations
- Able to map controls between ISO27001/2 and SOC 2.
Minimum Skills and Qualifications
- 2+ years of ISO27001/2 audit experience
- Demonstrated experience with at least one of the following: FedRAMP, ISO 27000 series, CIS Critical Security Controls
- Must be self-motivated but also work as part of a team with great interpersonal skills
- Strong analytical skills and excellent written and oral communications
- Experience in a cloud oriented Software as a Services environment
- Ability to manage external auditors
Preferred Skills and Qualifications
- Knowledge of information privacy controls around GDPR
- Knowledge of IT Systems and Networking concepts
- Familiarity with Vendor Risk Management assessments
VelocityEHS is committed to competitive, fair, and equitable compensation practices by offering market-based salary ranges. The expected salary range for this position is between $93,600 and $124,100 USD (United States) or $87,100 and $110,400 CAD (Canada). We aim to hire between the minimum and midpoint of the salary range and offers at the maximum of the range are uncommon. The final offered salary will be based on candidate’s proficiency in skill set, prior relevant experience, internal equity, market considerations, and other factors. This role is eligible for our comprehensive benefits package.
We welcome and encourage diversity in the workplace. VelocityEHS is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, national or ethnic origin, religion, sex, sexual orientation, gender identity or expression, marital status, family status, veteran status, Indigenous/Native American status, or disability. Applicants with disabilities can request accessible formats, communication supports, or other accessibility assistance by contacting [email protected]
Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. VelocityEHS does not accept unsolicited headhunters and agency resumes. VelocityEHS will not pay fees to any third-party agency or company that does not have a signed agreement with VelocityEHS.