Security Compliance Analyst

Security Compliance Analyst

We are looking for a highly motivated individual with information security governance and compliance experience to be part of our team! As a Security Compliance Analyst at Hive, you will collaborate with engineers and auditors to meet security compliance controls as well as enhance security compliance capabilities. You will be responsible for addressing auditors' requests and performing on call operations. Our ideal candidate should be able to assist in running the risk management program that is managed by the Information Security team.

Responsibilities

• Manage Hive's current risk management program
• Manage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to regulatory expectations.
• Implement ISMS in coordination with executive and mid-level management
• Participate in building a comprehensive Governance, Risk and Compliance program
• Work with Engineering and Product teams to identify process improvements and efficiencies in areas change management, access management and general technology process controls.
• Provide compliance, risk, and controls expertise to support information security and compliance initiatives.
• Protect the business by assisting with cyber security risk assessments.
• Maintain awareness of industry best practices for data maintenance handling as it relates to your role
• Manage security and privacy training programs
• Adhere to and champion policies, guidelines and procedures pertaining to the protection of information assets
• Manage external security, privacy, and compliance requirements, including both internal requirements for vendors as well as external requirements placed on Hive
• Report actual or suspected security and/or policy violations/breaches to an appropriate authority
• Define, develop, implement, and maintain our policies and processes that enable consistent, effective privacy practices that minimize risk and ensure the confidentiality of protected information, paper and/or electronic, across all media types and comply with applicable privacy laws and regulations

Requirements

• Bachelor's degree or related experience
• Minimum 4+ years experience related to conducting risk-based assessment for information systems and/or operations.
• Minimum 1+ years experience running a comprehensive Governance, Risk and Compliance program
• Minimum 2+ years experience leading industry standard (ISO 27001 or SOC 1/2) audits from either side
• Strong knowledge of applicable privacy laws (CCPA/CPRA, GDPR)
• Ability to communicate in a written and oral format to technical and non-technical audiences in a business-friendly manner
• Demonstrated success in a competitive environment
• Highly self-motivated and ambitious in achieving goals
• Strong team player, but can work and execute independently
• Driven; no one needs to push you to excel; that's just who you are
• Hungry to learn and actively look for opportunities to contribute
• Highly organized and detail-oriented; can handle multiple projects and dynamic priorities without missing a beat

Who We Are

We are a group of ambitious individuals who are passionate about creating a revolutionary AI company. At Hive, you will have a steep learning curve and an opportunity to contribute to one of the fastest growing AI start-ups in San Francisco. The work you do here will have a noticeable and direct impact on the development of the company.

Thank you for your interest in Hive and we hope to meet you soon!

The current expected base salary for this position ranges from $110,000 - $140,000. Actual compensation may vary depending on a number of factors, including a candidate's qualifications, skills, competencies and experience, and location. Base pay is one part of the total compensation package that is provided to compensate and recognize employees for their work; stock options may be offered in addition to the range provided here.