Principal Security Compliance Analyst

**Principal Security Compliance Analyst**:

- Req id: 37918- Virtual, CA Virtual, US**OPENTEXT - THE INFORMATION COMPANY**

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

**The Opportunity**

The Security Compliance Analyst will have the opportunity to make meaningfully contributions to the OpenText Compliance Program and cultural influences in accordance with various security frameworks, including and not limited to SOC1/2/3, ISO 27001, ISO27017, FedRAMP, SWIFT, HIPAA, and SOC2+HITRUST frameworks. The Compliance Security Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that supports the delivery of compliance certifications and customer security requirements. In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with Product, Cloud Operations, internal teams, auditors and other stakeholders.

**You Are Great At**
- Partner with OpenText stakeholders strategically to increase Compliance influence and impact within the company, and better support customer security certification requirements.
- Look beyond symptoms, perform finding reviews and root cause analysis for issue resolutions.
- Developing metrics and dashboards for reporting on findings and trend analysis.
- Identify areas of improvement for control structures across multiple compliance frameworks, to support ‘test once, report many’ audit approach.
- Collaborating cross-functionally with technology and business stakeholders to enable effective integration and interlocks.
- Collaborate with Product and Operations teams to identify certification efficiency opportunities and alignment to various lines of businesses.

**What It Takes**
- 7+ years of experience in IT audit and/or compliance, with a concentration on leading large complex audit or compliance engagements for a Cloud Service Provider, encompassing multiple frameworks.
- Familiar with Information Security principles, fluent with fundamental IT processes and controls (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)
- Experience collaborating with non-compliance professionals, advocating and educating the organization on compliance values and requirements.
- Ability to independently research and analyze audit requirements and findings, to identify trends and themes, and provide clear concise leadership reporting.
- Manage the audit finding life cycles, work with business stakeholders to identify root causes and remediation efforts. Enforce accountability on finding resolutions.
- Perform analysis to better align compliance scope and reporting to organization lines of businesses and products.
- Manage the OpenText global controls across multiple security frameworks, support ‘test once, report many’ audit approach.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Team player, ability to work independently and within a global team environment to achieve common goals and objectives.
- Big 4 and public accounting experience is highly preferred.
- Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, collaborative, flexible, approachable, and dedicated.
- Required industry standard certifications (CISSP, CISA) or equivalent
- Bachelor’s Degree in Information Technology, Business or related vocations.