Security Policy & Compliance Analyst
Ziply Fiber

Job Description
Job Summary
The Security Policy & Compliance Analyst at Ziply Fiber plays a key role in maintaining the company’s information security posture. This position is responsible for managing the review, publication, and enforcement of internal security policies and procedures. The analyst supports cross-functional teams in aligning with regulatory security frameworks such as NIST, SOC 2, SOX, and PCI-DSS, while also maintaining documentation that demonstrates compliance and due diligence.
Essential Duties and Responsibilities
The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and are not intended to reflect all duties performed.
Policy Management
- Administer the policy lifecycle, including drafting, coordinating reviews, publishing, and updating security policies.
- Collaborate with Legal, IT, and Security to ensure policies align with business and regulatory requirements.
- Maintain centralized documentation for audits, assessments, and regulatory reviews.
- Assist in preparing and organizing policy and evidence documentation for internal and third-party audits.
- Monitor regulatory developments and assist in aligning internal practices accordingly.
Compliance Monitoring & Enforcement
- Assist in monitoring organizational adherence to internal policies and procedures.
- Track and report on compliance and policy enforcement metrics.
- Arrange, conduct, and monitor compliance testing, audits, and investigations.
- Provide ongoing monitoring of compliance information systems and processes.
- Inform supervisor of any compliance violations.
Risk & Regulatory Alignment
- Review internal systems, controls, and processes and identify ways to resolve regulatory gaps and deficiencies.
- Assist with the implementation of new and updated compliance systems, standards, processes, procedures, and policies.
- Ensure compliance with all local, state, and federal laws and regulations as well as company policies, procedures, and internal controls.
Training & Reporting
- Support compliance initiatives across departments by providing guidance and training.
- Generate analyses and reports containing results of compliance testing for management.
- Develop, maintain, and deliver compliance training content and programs.
Other Duties
Performs other duties as required to support the business and evolving organization.
Required Qualifications
- Bachelor of Science (BS) in Computer Science, Information Technology, Risk Management, Legal Studies, Business, or a related field.
- Minimum of two (2) years in a policy, audit, or compliance analyst role.
- Strong understanding of risk frameworks such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), NIST Special Publication 800-171, International Organization for Standardization (ISO) 27001, Service Organization Control 2 (SOC 2), and the Sarbanes-Oxley Act (SOX).
- Direct experience managing regulatory requirements such as Payment Card Industry Data Security Standard (PCI-DSS) and NIST guidelines.
- Experience contributing to cross-functional compliance projects or initiatives.
- Familiarity with Governance, Risk, and Compliance (GRC) platforms or compliance tracking systems.
- Familiarity with legal hold processes, third-party risk management, and incident response documentation.
- Familiarity with business continuity and incident response concepts and procedures.
Preferred Qualifications
- Industry certifications such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or equivalent certifications.
Knowledge, Skills, and Abilities
- Excellent verbal and written communication skills with strong attention to detail, organizational ability, and proficiency in documentation, including presenting to executives and auditors.
- Ability to work independently and apply sound judgment and reasoning skills to a variety of situations.
- Strong organizational and analytical skills.
- Ability to interpret and apply regulatory requirements.
- Demonstrated integrity and professionalism in handling sensitive documentation.
Key skills/competency
- Information Security
- Policy Management
- Regulatory Compliance
- NIST Frameworks
- SOC 2
- PCI-DSS
- SOX
- Risk Management
- GRC Platforms
- Audit Support
How to Get Hired at Ziply Fiber
- Research Ziply Fiber's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor to understand their commitment to community and connectivity.
- Tailor your resume for compliance expertise: Customize your resume to highlight experience with NIST, SOC 2, PCI-DSS, and GRC platforms, emphasizing your policy management and audit support skills for this Security Policy & Compliance Analyst role.
- Showcase your communication skills: Prepare to demonstrate your excellent verbal and written communication, organizational abilities, and experience presenting to executives and auditors during your interview process at Ziply Fiber.
- Understand regulatory frameworks: Deeply familiarize yourself with the specific regulatory frameworks mentioned (NIST, SOC 2, SOX, PCI-DSS) as you will be responsible for their implementation and enforcement.
- Prepare for behavioral questions on integrity: Be ready to discuss situations where you demonstrated integrity and professionalism in handling sensitive information, a key requirement for a Security Policy & Compliance Analyst.