Sr Compliance Analyst
Burlington, MA

Job Description

What's the role?

Security, Privacy, and Continuity (SPC) is a centralized organization that secures HERE products and services, ensures best-in-class security and privacy for customers and employees, and protects the organization against physical and virtual threats. SPC is a globally distributed team of security and privacy professionals and is growing to keep pace with HERE's expanding business and customer base.

HERE Technologies is seeking a Security Compliance Analyst to advise HERE leadership and partners on compliance-related issues, ensure compliance with applicable security standards, and streamline compliance activities. You will be responsible for ensuring requirements are met, aligning HERE organizational objectives and priorities with compliance regimes, leading compliance-related projects, and identifying issues proactively to facilitate the ongoing implementation of remediation actions.

Main Responsibilities:

* Maintain Information Security Management System (ISMS) in support of compliance standards, certifications, and industry best practices (e.g., ISO27001, SOC2, NIST)
* Collaborate with SPC, IT, and business teams as needed to align and define security and privacy compliance requirements and activities
* Develop deep understanding of HERE processes and controls, including those in the business, in support of SPC security and privacy compliance frameworks
* Implement compliance technology solutions to streamline and optimize HERE's compliance regime (e.g., through governance, risk, and compliance tooling)
* Apply expertise to actively analyze and determine potential applicability of novel and/or not-yet-adopted compliance requirements (e.g., based on business expansion into new sectors and geographies)
* Lead the planning, execution, and implementation of compliance-related projects, and provide regular status reports and presentations to SPC and IT leadership
* Ensure proper documentation and artifacts are maintained while handling SPC changes and partnering with other compliance and audit teams within the organization
* Maintain and support compliance-related security and privacy policies, procedures, controls, and reporting
* Establish and analyze audit result trends independently and identify ways to improve the business and maintain compliance
* Establish the business process for maintaining compliance results and satisfying HERE customer security and privacy inquiries
* Participate and contribute (e.g., through meetings, calls) during non-core working hours in support of global teams
* Travel internationally up to 25%

Who are you?

Having had success leading various projects you are someone with validated experience leading complex, high-tech projects, involving multi-functional business processes, matrix organizations and may involve dependencies with external business partners

Position Requirements:

* Bachelor's Degree in business, information technology, or equivalent work experience
* 3-5 years of experience successfully leading multi-functional projects and experience contributing to compliance and certification initiatives (e.g. SOC 2, ISO Standards, etc.)
* Demonstrated ability to collaborate at various levels of an enterprise environment; ability to lead up, down and across effectively.
* Proven management & delivery of IT process improvement projects
* Deep understanding of cloud computing services/continuous delivery deployment architecture is desirable (AWS, MS Azure)
* Experience performing technical assessments & audits of application security and working with auditors (internal & external)
* Experience defining certification roadmaps, compliance documentation, and that committed assessments are delivered on schedule is required
* Experience with industry tools (i.e. MS Project, Jira, ServiceNow, Archer, MetricStream, OpenPages, Confluence, SharePoint, Microsoft)
* Ability to work with a diverse global team, driving initiatives to closure

At HERE we offer an opportunity to change the world through the lens of location. From autonomous driving to the Internet of Things, we are building the future of location technology through strategic partnerships with industry leaders like Intel, NVIDIA, Mobileye and Tencent. Our mission is to create a digital representation of reality to radically improve the way everyone and everything lives, moves and interacts. We also have opportunities for remote work.

Who are we?

Ever checked in somewhere on social media? Ever tracked your online orders?" You might be using HERE Technologies every single day without even realizing it. You can find us everywhere: in vehicles, smartphones, drones or third-party apps. We believe that with the right people, we will continue to be a game-changer in the technology industry and improve the daily lives of people around the world. Find out more by clicking the video below or going HERE.

HERE is an equal opportunity employer. We evaluate applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.