Guild is hiring for a Information Security Compliance Analyst to manage Guild Education’s compliance program

As Guild Education’s Information Security Compliance Analyst you will be responsible for contributing to, and improving, the operations of the Guild Security Governance Program. This position will assist with developing a compliance program for Guild that aligns with SOC 2 principles, ISO 27001 and NITST 800-53. In addition, this position requires the ability to conduct ongoing research to stay current regarding new government regulations and updates as well as completing general administrative, communication, document maintenance activities. 

As a Corporate Security Governance , you will:

• Help to write controls for the SOC audit
• Perform quarterly control testing
• Perform third party oversight reviews
• Perform or contribute to ongoing risk assessments
• Help identify control gaps and lead projects for remediation
• Work closely with the threat and vulnerability team to identify emerging threats and risks 
• Work with the DevSecOps team member on application security controls and testing
• Contribute to, and improve, the operations of Guild’s Security Governance Program
• Make viable contributions towards policies, standards and procedures as they apply to security governance, risk, and compliance requirements
• Monitor regulatory, security, and contractual compliance requirements
• Play a part in the design and implementation of technical security safeguard architecture
• Build rapport, credibility, and cohesion across all business unit teams and IT teams in the course of managing the projects
• Act as a backup for completing customer audits, and prospective RFP’s

You are a strong fit for this role if you have:

• The ability to be reliable and adaptable
• Operated with high confidence and integrity
• Good written and verbal communication and organizational skills
• The ability to be a strong team player that collaborates well with others to solve problems and actively incorporates input from various sources
• Experience in the execution of dynamic controls frameworks and regulatory standards such as: ISO, COBIT, NIST, CCPA, ISO 27001, CSAStar and other relevant industry regulations, standards, and guidelines