Information Security Compliance Analyst
Netspring
At Optimizely, we're on a mission to help people unlock their digital potential. We do that by reinventing how marketing and product teams work to create and optimize digital experiences across all channels. With Optimizely One, our industry-first operating system for marketers, we offer teams flexibility and choice to build their stack their way with our fully SaaS, fully decoupled, and highly composable solution.
We are proud to help more than 10,000 businesses, including H&M, PayPal, Zoom, and Toyota, enrich their customer lifetime value, increase revenue and grow their brands. Our innovation and excellence have earned us numerous recognitions as a leader by industry analysts such as Gartner, Forrester, and IDC, reinforcing our role as a trailblazer in MarTech.
At our core, we believe work is about more than just numbers -- it's about the people. Our culture is dynamic and constantly evolving, shaped by every employee, their actions and their stories. With over 1600 Optimizers spread across 12 global locations, our diverse team embodies the "One Optimizely" spirit, emphasizing collaboration and continuous improvement, while fostering a culture where every voice is heard and valued.
Join us and become part of a company that's empowering people to unlock their digital potential!
Introduction
The focus of this Information Security Compliance Analyst role position is to support the customer request management and commercial agreements process ensuring customer due diligence request are supported from information security and compliance perspective. The analyst will also be required to support ongoing information security/compliance initiatives relating to the global information security compliance program from an operational perspective. The analyst must be organized with an ability to self-manage with multiple high priority initiatives.
Job Responsibilities
- Help support operational and process driven components of our ISO27001/SOC2/PCI information security program.
- Help drive a program of continual service improvement to ensure ongoing maturity of the global information security program.
- Help support the commercial agreement process by reviewing and providing feedback from a Compliance perspective, escalating risks and concerns where necessary.
- Coordinate, contribute and complete Requests for Proposals (RFPs), Due Diligence Questionnaires (DDQs), Security Questionnaires as well as ad-hoc questionnaires/requests for prospects and existing customers.
- Help maintain and exand the information security and privacy customer response/knowledgebase platform to ensure all information is regularly reviewed, is up to date and relevant across the product portfolio and other related engagements.
- Develop a strong understanding of our Software Service business, and what the products offer.
- Ensure high quality customer facing content, contribute to complex projects individually as well as balancing priorities within the team.
- Identify, communicate and escalate risks associated with customer proposals as well as the information security/compliance program overall.
- Work closely with Compliance Team members, Subject Matter Experts and other stakeholders/internal customers across the business, where necessary.
- Develop knowledge of industry trends, competitive landscape to facilitate improved customer experience.
- Support ongoing compliance initiatives relating to the global information security compliance program.
- Ensuring that information provided to customer is accurate and fit for purpose based on existing practices.
Knowledge and Experience
- Experience working in an Information Security role dealing specifically with governance, risk and compliance areas is preferred.
- Awareness of Information Security Compliance programs such as ISO27001, SOC2 & PCI.
- Ensure that information security control requirements are met from an operational perspective.
- The ability to identify risks, issues and vulnerabilities.
- The ability to work proactively, pragmatically and collaboratively in a fast-paced working environment, balancing multiple concurrent activities
- Knowledge of responding to Customer related Information Security and Privacy due diligence requests.
- Experience working with contractual agreements within the Compliance area.
- Strong communication skills collaborating with internal teams, enjoy collaborating across departments.
- Calm presence under tight deadlines.
- Self-starter, consistent performer, professional, positive attitude.
- Excellent attention to detail.
- Service-oriented mindset.
- Excellent verbal & written communication skills.
Education
Bachelor's degree preferred or equivalent work experience.
Competencies
Our new, cutting-edge office space in Dhaka is a testament to our dedication to enhancing your work experience. This state-of-the-art workspace features open workstations, a fully equipped kitchen, a nap room for relaxation, a tranquil zen garden, and an entertaining area, all designed to provide you with the ideal environment to thrive and grow.
As part of our commitment to you, here are other benefits and perks you can expect:
-
Best-in-class compensation plans
-
Two annual festival bonuses
-
Recognition and rewards programs
-
Vacations days
-
Annual Work/Service Anniversary Leave
-
Parental leave (both maternity and paternity)
-
Health insurance
-
Reproductive benefits for both parents
-
Volunteering opportunities to make a difference
-
Chance to work alongside our incredible global team
-
Free communal transport facilities inside Dhaka to and from the office
-
Free catered lunch every day
At Optimizely, our standardized language is English, and it is crucial to have good English communication skills to be successful in your global role. All our external and cross-location communication is done in US English (en-us), but internally you can speak in whichever native language you most identify with.
Optimizely is committed to a diverse and inclusive workplace. Optimizely is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.