Our Governance Risk & Compliance (GRC) Operations team at Workiva is actively seeking a talented Senior Compliance Auditor to become a valuable member of our growing team. Envision our team as a collaborative ensemble with three integral branches - G, R, and C. As a pivotal member of the Compliance (C) branch, your role will involve coordinating, managing, facilitating, troubleshooting, and maintaining Workiva’s external audits. Get ready to join forces with our Governance and Risk branches, working seamlessly to ensure a comprehensive approach to compliance and risk management.

Why Workiva?

At Workiva, we invite you to not just find a job but embark on a journey where every day is a new chapter filled with challenges and growth opportunities. We foster a culture that thrives on change, values a supportive team environment, and cherishes work-life balance. Join our highly trusted, close-knit team that celebrates diversity and champions efficiency, flexibility, and collaboration. It's not just a job; it's a chance to contribute to something bigger.

What You’ll Do

Enhance Compliance and Mitigate Risks

• Develop and evaluate compliance programs and processes to mitigate cybersecurity risks

• Research and interpret current and pending governmental laws, regulations, industry standards, and contracts to communicate compliance requirements

• Conduct information security risk assessments, security compliance audits, and cybersecurity audits

• Establish information security audit procedures relevant to SOC1, SOC2, ISO, ISAE, FedRAMP, SOX, HIPAA, GLBA, domestic and international data privacy laws

• Evaluate and test the design and operating effectiveness of information security and technology controls

• Maintain compliance of internal information security controls by meeting internal and external information security requirements

• Document, investigate, and report cybersecurity compliance issues and incidents

• Collaborate with business leaders to review information security risk findings and implement solutions

What You’ll Need

Required Qualifications

• 4+ years of experience leading, coordinating, managing document collection, and facilitation of external audits  

• Bachelor’s degree or equivalent combination of education and experience in a related field

• Ability to work independently and communicate effectively with internal and external stakeholders

• Superior planning and execution skills to produce audits on time with minimal disruption to the business

Preferred Qualifications

• Information Security knowledge/experience relating to audits/controls with CVEs, intrusion detection, identity access management, and SaaS infrastructure

• International audits

• ISO audits/certifications experience relating to ISO 27701 and ISO 21434 as well as ISAE-3400, ISAE-3402

• FedRAMP experience

• Privacy knowledge with a focus on ISO privacy audits

• Demonstrated capability to communicate issues within the team and work toward resolution

• Excellent judgment and strong creative problem-solving skills

• Negotiation, influencing, and conflict resolution skills

• Highly motivated and able to work on multiple projects simultaneously

• Demonstrated ability to improve the security posture in a dynamic environment

• Ability to build strong partnerships across the technology and business teams

Travel and Remote Work

• In the course of your responsibilities, you can expect approximately 5% travel

• As part of our commitment to flexibility, we operate as a remote-friendly organization

• Recognizing the paramount importance of reliable internet connectivity, your commitment to a reliable internet connection ensures that our team stays connected, productive, and on top of our game