Compliance Technology Analyst - Fintech

Compliance Technology Analyst – Fintech



Our client is seeking an experienced Technology compliance professional to assist with the day-to-day general IT compliance needs of its Core POS business line. In this highly visible role, the Lead IT Compliance Analyst will help create and maintain corporate policies and procedures and manage internal testing programs.



Responsibilities:

• Assist in the development and maintenance of a robust compliance program to scale with the company's growth and ensure that the firm's products and services comply with all applicable regulatory requirements and industry best practices.

• Experience working directly with internal Security, TechOps, IT, Product, Hardware and Operations teams (required)

• Assist in documenting IT Compliance processes and procedures
• Serve as a point person for, and coordinate responses to, regulatory inquiries, due diligence requests and external audit requests (e.g., card brand reviews, SOC 1/2 , PCI, SOX and partner due diligence)
• Assist in the development and implementation of a continuous monitoring program for IT compliance and automation of manual processes.
• Perform tests of controls in accordance with compliance programs, including PCI and SOX.
• Monitor regulatory and industry trends to ensure required changes in compliance policies, procedures and testing are integrated in a timely manner.
• Assist with enterprise-wide targeted training for customers in compliance with relevant card brand and regulatory requirements
• Assist in the configuration and/or administration of a cloud-based (GRC) tool.

Requirements:

• CISA, CISM or CRISC and CISSP certification (required)
• At least 3-5 years of IT compliance experience in a start-up environment; both pre and post-IPO (required)
• At least 1 year of experience in technology, payment processing services or working knowledge and interest of technology infrastructure principles and practices (required)
• ISO 27001 Lead Auditor (a plus)
• Demonstrable experience interacting with auditors and strategic partners in cloud-based environments, relating to assurance frameworks such as SOX, PCI DSS, PA DSS, P2PE, ISO27001, SOC 2 Trust Principles, as well as Card Brand Merchant Operating Rules & Programs, Visa / Client Payment Facilitator obligations, Integrated POS Provider and Payment Aggregator obligations for Client, Business Continuity and Disaster Recovery and Third-Party Risk Management. NACHA experience (experience with some of these areas is required)
• Experience working on large cross functional teams, representing IT compliance on initiatives such as change management, identity and access management, policy management and data retention.