Compliance Analyst

Box - Redwood City, CA - 5.0

Full-time. Estimated: $68,000 - $96,000 a year
Overview

We are looking for a Compliance Analyst to join our team to help us scale our vendor compliance program! You will execute the vendor compliance audit program to provide assurance on the effectiveness of controlling third party risk and meeting our customer obligations. Box is looking for a self-motivated professional with experience influencing and communicating effectively across all levels of a company!
What you'll do

Conduct vendor reviews for existing and new vendors

Plan and execute vendor audits for critical/high risk vendors

Draft audit reports and communicate findings to vendors and business owners

Partner with Sourcing, Security, and Legal teams to streamline vendor reviews

Develop and maintain documentation of Vendor Management/Compliance Program tasks, processes and methodologies

Collaborate with the compliance team to develop and maintain the common control framework for the various certifications Box meets (i.e. FedRAMP, PCI, SOC, ISO)

Provide support for customer compliance questions

25% travel is required

Who you are

BS Degree in Business, Information Systems, Computer Science, or related field

2-3 years of experience with a focus on audit, compliance, vendor program, third party risk or equivalent

Experience reviewing and/or drafting SOC1/SOC2 reports

Experience reviewing penetration test reports

Experience scoping, planning, and conducting audits using the following frameworks (SOC2, ISO27001, etc)

Big 4 experience a plus

CISA/CISSP certification a plus

Willingness to wear different hats and work on different areas where needed

Ability to take ownership and be effective with limited supervision

Ability to produce high quality audit documentation and reports

Why you should work for us

Box is rapidly growing and is the leader in Cloud Content Management. We work with companies of all shapes, sizes, and industries to transform how they collaborate internally and externally.

You'll be a part of a world-class compliance program at the cutting edge of compliance and play a role in shaping compliance in the cloud

You'll work with key partners across the company to drive continuous improvement and make a difference

Numerous perks and benefits, such as free lunches, free movie nights at the local theater, generous PTO, employee stock purchase plan, training budget, healthcare, etc.