Compliance Analyst

We are looking for a Compliance Analyst to join us in Croatia! This is a hybrid work role, where the successful candidate will be able to work from home as needed in Croatia (preferably, Zadar or Zagreb).

Responsibilities:

The successful candidate will be on the leading edge of company compliance and governance activities. These include driving and leading compliance to critical regulations across the UK, EU and North America. The goal is to be able to govern our compliance continuously, which means automation, possibly AI, and learning opportunities. The successful candidate will be challenged in finding solutions for continuous compliance and governance purposes to meet these needs. The successful candidate will also need to be current on various compliance and governance processes and technologies or learn them. The role will challenge process, technology and relationship skills. You will also be a key leader involved in the support of audits by regulatory bodies and external auditing firms. If you are up to the challenge, we have a great opportunity for you. One of the first challenges you will get to work on is taking the mundane and automating or evolving to be more efficient.

The Mundane Responsibilities:

• Leading day-to-day compliance activities;
• Responding to customers’ questions and questionnaires;
• Assisting in managing and responding to data subject access requests with our Data and Compliance teams;
• Conducting due diligence on key third party vendors and partners;
• Drafting compliance templates and strategies and conducting research on compliance topics;
• Onboarding and offboarding employees and ensuring that all Cognism employees complete relevant security and compliance requirements;
• Managing security awareness and anti-phishing training;
• Assisting with Cognism’s ISO 27001/27701 and SOC2 audits and maintaining records and evidence

Your goal is to evolve these activities so that you can work on:

• Automation of compliance reporting;
• Evaluating new or proposed regulatory impacts;
• Evaluating new solutions for further enhancing the mundane processes;
• Leading Cognism certification efforts and automating evidentiary requirements.

Requirements:

Qualification & Experience:

The successful candidate will have a technical background as well as compliance background including:

• Bachelor's degree or equivalent;
• Experience working in a tech company/start up, in a fast-paced environment;

• 4 years of experience in critical compliance and security functions such as
• Client questionnaires (SIG) and driving responses;
• Deep understanding of GDPR, CCPA and data privacy regulations around the world;
• KPIs and KRIs
• Control testing
• Vendor management;
• Risk management;
• Policy management;
• Inventory management;
• Incident handling.

• Knowledge or experience in Control Frameworks including:
• EU and UK GDPR;
• US Data Privacy laws;
• ISO27001/2;
• ISO27701;
• NIST 800-53
• PCI
• CoBit
• COSO
• CRisk
• ITIL
• Process execution and management
• One or more Industry Certification(s) such as
• CIPP
• CISA
• CISSP
• CISM

Skills and Competencies:

• Communicates With Impact: Presents information and ideas in a thoughtful and compelling manner. Is clear and concise in verbal and written communications. Shares information freely and speaks openly and honestly. Seeks to understand the perspectives of others.
• Drives and Delivers Results: Sets clear priorities, takes action, stays focused, and overcomes barriers to deliver expected results.
• Solves Problems and Makes Good Decisions: Evaluates critical information needed to understand problems, determine probable causes, and develop workable solutions. Accurately assesses the costs, benefits, and risks associated with alternative courses of action and makes high quality and timely decisions.
• Leads Change: Sees emerging patterns and opportunities. Adapts quickly and easily to new information, changing conditions or unexpected events. Facilitates and communicates change across the team or organization to drive adoption.
• Lives Our Values: Behaves in a way that consistently demonstrates commitment to Company values (Integrity, Passionate Client Service, Teamwork, Accountability, Performance Excellence, and Continuous Improvement)
• Information Security and Compliance: Demonstrates understanding of Company policies, procedures, and external regulatory requirements, and performs duties in accordance with such regulatory requirements. Assures confidentiality and security of all data. Demonstrates the skills, knowledge, and ability to ensure that our environment is a safe one, complying with industry standards.