Compliance Associate – Audit and Assurance at Prove (Formerly Payfone)
Prove is hiring a new Compliance Associate – Audit and Assurance to join our growing Compliance Team. In this role, you will be a results-driven compliance professional who can respond to and organize compliance-related initiatives, and support Prove’s Compliance Manager – Audit & Assurance with assessments and audits (on-site and virtual) for Prove’s clients and prospects. We are looking to bring on an individual who is excited to learn and contribute to a fast-growing company and mission-driven team on the front lines of data privacy and security.
What You Are Accountable For
- Promoting, maintaining and enhancing our cultural values of humility, passion, inclusion, and leadership.
- Supporting Prove's audit and assurance function. This involves coordinating and organizing external audits (e.g., SOC 2, PCI DSS 3.2, ISO 27001, GDPR and other privacy risk assessments) performed by accredited third parties.
- Performing internal assessments on new products and product designs to determine and communicate compliance requirements. This involves collaboration with internal teams at Prove, such as Product, Engineering, Information Security, and Legal.
- Coordinating cross-functional remediation plans and activities that arise from external audits and assessments.
- Assisting team members with due diligence requests from Prove's prospects and clients, including vendor risk, security, and regulatory compliance questionnaires.
- Assessing contract compliance for client and vendor agreements, including security controls, incident response, data protection/privacy requirements, data use/retention, disaster recovery, and business continuity.
What We Require
- Strong passion for learning about our fraud and identity/authentication products and markets through in-house and external training;
- Experience or strong interest in cybersecurity, fintech, or a fast-growing startup is required;
- An understanding of or strong interest in security standards (e.g., ISO 27001, PCI DSS 3.2, SOC 2, etc.) and privacy compliance obligations (e.g., HIPAA, CCPA, GDPR, etc.);
- Project management experience;
- Attention to detail, writing, and communication skills are critical, as this role requires cross-functional collaboration with internal stakeholders and results in client-facing materials/reports;
- Experience working at or with financial institutions/banks and regulatory compliance preferred, but not required;
- Contract and Data Compliance preferred, but not required;
- Open to J.D. and non-J.D. candidates.