Compliance & Risk Analyst

Application and Interview Impersonation Notice: Impersonating another individual when applying for employment, and/or participating in an interview process to assist another individual in obtaining employment, with Precisely Software Incorporated (“Precisely”) is unlawful. If Precisely identifies such fraudulent conduct, then as applicable and to the extent permitted by law, the application will be rejected, an offer (if made) will be rescinded, or the employment will be terminated, and legal action may be taken against the impersonators.

Precisely is the leader in data integrity. We empower businesses to make more confident decisions based on trusted data through a unique combination of software, data enrichment products and strategic services. What does this mean to you? For starters, it means joining a company focused on delivering outstanding innovation and support that helps customers increase revenue, lower costs and reduce risk. In fact, Precisely powers better decisions for more than 12,000 global organizations, including 95 of the Fortune 100. Precisely's 2500 employees are unified by four company core values that are central to who we are and how we operate: Openness, Determination, Individuality, and Collaboration. We are committed to career development for our employees and offer opportunities for growth, learning and building community. With a "work from anywhere" culture, we celebrate diversity in a distributed environment with a presence in 30 countries as well as 20 offices in over 5 continents. Learn more about why it's an exciting time to join Precisely!

Overview

This position is for an Information Security Compliance and Risk Analyst who will be an integral member of a dynamic, agile, and high-performing team. The analyst will be responsible for completing client assurance questionnaires, supporting audits, and performing vendor risk assessments. Working collaboratively within this energetic environment, the analyst will contribute to the implementation and monitoring of Precisely’s security framework, conduct risk assessments, and provide expert guidance on security controls. Success in this role requires strong organizational skills, the ability to prioritize tasks independently, and a commitment to meeting tight deadlines as part of a team that continuously drives excellence.

What You Will Do

• Collaborate with the Triage team, Account Executives, and Renewals teams to complete client questionnaires and conduct assurance reviews.
• Participate in reviewing, redlining, and negotiating client and vendor contracts to address information security provisions.
• Support the development, evaluation, and maintenance of enterprise-level Information Security policies, standards, and guidelines.
• Guide internal business units in the adoption of Information Security policies, procedures, and industry best practices.
• Coordinate with internal business units to address assurance requirements from clients.
• Assist business units with the implementation and monitoring of security controls in accordance with SOC2 and ISO27001 standards.
• Provide performance and risk data for monthly information risk board reporting.
• Perform vendor risk assessments and maintain the vendor register.
• Oversee and report on information security risk management, ongoing monitoring programs, and related matters.
• Undertake additional responsibilities pertaining to Information Security risk management, governance, and compliance as assigned.
  
  

What We Are Looking For

• Degree in Information Security, IT, or related field, or equivalent experience.
• Minimum 3 years as an information security analyst or similar role preferred.
• Solid grasp of GRC practices, enterprise risk methods, and security governance.
• Good team player with strong written and verbal communication skills for effective internal and external interactions.
• Able to explain technical risks to non-technical audiences and vice versa.
• Experience with Governance, Risk & Controls (GRC) platforms advantageous.
• Familiarity with ISO 27001, SOC2, FedRAMP, NIST, or equivalent frameworks desirable.
• Works enterprise-wide to continuously improve business processes and maintain compliance with applicable information security related regulations and standards.
• Preferred certifications: CISA, CISM, CRISC, CISSP, ISO27001 lead implementer/auditor.
  
  

Salary: 114 750 - 153 000 PLN gross per year

The personal data that you provide as a part of this job application will be handled in accordance with relevant laws. For more information about how Precisely handles the personal data of job applicants, please see the Precisely Candidate Privacy Notice