What You'll Do
Avalara's Organizational Risk, Resilience, Compliance and Audit team (ORRCA) is responsible for managing various risk and compliance initiatives and is looking for someone to support a growing team and help build out the security compliance function. You will report to the Senior Director, Security Operations.
What Your Responsibilities Will Be
- You will be responsible for the overall coordination, execution, and quality control of assigned compliance controls such as access reviews, change reviews, and terminated user analysis.
- You will ensure controls are appropriately performed by all stakeholders within defined SLAs.
- You will help implement compliance management in ServiceNow.
- You will perform compliance assessments against frameworks and develop remediation plans.
- You will work closely with system owners to ensure corrective action plans are in place to remediate gaps or deficiencies.
- You will identify areas for automation and/or business process improvements.
- You will assist in collecting and migrating control information into Avalara's GRC platform.
- You will work strategically and independently with internal and external groups on multiple simultaneous projects.
- You will apply compliance and security control knowledge within cloud environments such as AWS and GCP.
- You will identify opportunities to leverage AI and other automation technologies to streamline compliance processes.
What You'll Need to be Successful
- Bachelor's degree in Information Technology, Computer Science, or equivalent experience
- 3+ years of work experience in IT Audit, IT Security, or IT Risk Management
- 3+ years of work experience with ISO 27001, SOC 1, SOC 2, SOX, NIST, etc.
- AI and automation experience.
- Basic understanding of risk concepts, including risk identification, evaluation, mitigation, and measurement