Remote, United Kingdom
61 days ago
Security Compliance Analyst

The Company:

Marigold helps brands foster customer relationships through the science and art of connection. Marigold Relationship Marketing is a suite of world-class martech solutions that help marketers create long term customer love and loyalty. Marigold provides the most comprehensive set of use cases for marketers at any level. Headquartered in Nashville, Tennessee, Marigold has offices globally across the United States, Europe, Australia, New Zealand, South America and Central America, as well as in Japan.
 

The Role:
 

We are seeking an experienced Compliance Analyst within the GRC (Governance, Risk, and Compliance) team to take the lead on managing & facilitating Marigold’s external compliance to standards such as SOC2 and ISO 27001. 

This role will involve working closely with teams across Marigold to ensure that the business and our different products (some global) maintain compliance to, and can achieve certification to, all required standards. The successful individual will take responsibility for preparing for the audits, gathering evidence and working with relevant teams, and then coordinating and managing the audit itself.

 What You’ll Do: 

Facilitate audits with external auditors and product control owners.

Conduct regular assessments throughout the year to ensure compliance with design and operational controls.

Identify and address gaps in compliance, while effectively communicating the details.

Enhance processes for managing compliance initiatives.

Record and manage control documentation, linking evidence as necessary.

Build and deliver clear, actionable compliance reports.

Facilitate discussions with stakeholders across the organization to ensure alignment with compliance standards.

Ideal Qualifications: 

5+ years of relevant work experience.

French language skills (Intermediate level}

Strong ability to extract detailed information through effective questioning, active listening, and challenging assumptions.

Clear, concise communication skills with the ability to simplify complex topics.

Proven ability to work independently and collaborate effectively across all organizational levels.

Experience with a compliance audit, and readiness preparation.

Nice to Have:

Experience of global data privacy regulations such as GDPR and CCPA, as well as compliance standards such as ISO27701, PrivacyMark, and HiTrust (for HIPAA).

Relevant security-related qualifications such as ISO27001 Lead Auditor/Implementer, CISSP, or CISA.

Knowledge of AWS (for example Cloud Practitioner certified).

What We Offer: 

Workplace Pension

Life Assurance (Death in Service)

Medical/Dental/Vision

Employee Assistance Program

Cycle to Work

My Perks at Work

Confirm your E-mail: Send Email