Policy & Compliance Analyst

😎 Our CultureQuantum Metric's number one objective is happy people, diverse and inclusive culture.  We’re passionate about empowering our people to become the best version of themselves, offering coaching and training programs designed to accelerate their career in whatever direction they choose.  
As a remote-first company, we understand the importance of building an engaged, diverse, and fun place to work. We hold regular company-wide events, seasonal challenges, and Quantum Metric sponsored local outings when Zoom becomes too much. We also have a number of Employee Resource Groups that provide spaces to discuss, share, and reflect on topics that impact us both inside and outside of work - from being new to SaaS or navigating it as a first-time parent, to overcoming the barriers faced as Black, Hispanic, Asian American and Native Hawaiian/Pacific Islander, LGBTQIA or other underrepresented backgrounds.  We are also passionate about the connections we build with our customers. You’ll not only work with some of the world’s most recognized brands, but build lasting relationships.
At Quantum Metric we value all types of experience and education and don’t expect you to meet every qualification for this position. We are most interested in the unique perspective you can bring and your ability to uphold our values of passion, persistence, and integrity.
🚀 About the RoleThe Policy & Compliance Analyst will play a key role in supporting the organization’s compliance program for Cloud Operations, Security, Engineering, and Privacy compliance initiatives, with a primary focus on ensuring the application of security best practices within cloud environments. The analyst will assist in tracking, improving, and maintaining the organization’s IT processes, ensuring they meet or exceed audit requirements while aligning with broader IT business practices. Additionally, this role will support the organization’s privacy and security strategy, ensuring compliance activities are effectively coordinated across departments.

🔧 Responsibilities

• Responsible for supporting our Risk Assessment, Internal Audit, SOC 2 + HITRUST, and ISO 27001 audit processes, helping with the continuous update and maintenance of compliance policies, and tracking compliance efforts
• Assist in the completion of customer security and due diligence questionnaires, ensuring timely and accurate submissions
• Monitor cloud operational metrics, working closely with the security team on policy alignment, and supporting the development of remediation strategies and mitigation controls for any identified compliance gaps or risks
• Assist in leading company wide initiatives around annual certification/audit objectives for SOC 2, HITRUST, ISO 27001, PCI, or other standards as needed, including working directly with external auditors to support audit efforts
• Create and maintain documentation, such as policies and procedures
• Obtain, review, and refine organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business
• Assist in the maintenance and accuracy of various compliance tools
• Work through and lead customer security questionnaire requests
• Ensure all information technology systems, activities, policies, and procedures fully comply with applicable laws, standards, and regulations
• Work with Cloud Ops, Engineering and Information Security to ensure full and complete implementation of IT controls, standards and policies
• Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution
• Assists in the execution of IT & security risk assessments and conducts related ongoing compliance monitoring activities
• Perform other tasks as necessary to ensure that compliance meets its commitments to stakeholders

💡 Requirements

• Bachelor's Degree in Computer Science, Information Security, or related field
• Familiarity and knowledge with relevant legal and regulatory requirements like SOC 2, ISO 27001, HIPAA, and Payment Card Industry/Data Security Standard (PCI.)
• Excellent verbal, written and organization skills
• Experience in IT compliance, Cloud technologies, security engineering, application security, and data privacy
• Knowledge of information risk concepts/related business needs to security controls
• Passion for working in a team-driven environment, with a commitment to continuous learning and professional growth
• Compensation: $70,000 - 90,000 Base

🏆 Perks and BenefitsThis will be the best group that you ever work with! We support one another through obstacles and succeed as a team. Your hard work will be well rewarded. Most importantly, you'll be strapped to a technology rocket ship bound for greatness! Your success at Quantum Metric will be a milestone in your career. 
Group benefitsMedical, Dental, Vision Insurance (99% Medical base plan paid by the Company)FSA, DCFSA, and HSA accountsEmployee Assistance Programs (EAP)Telehealth optionsVoluntary Life & AD&D, STD, LTD, Critical Illness and AccidentHealthy Rewards – Discount ProgramsDiscounts on Pet Insurance401k (with employer match) and Options / Equity 13 company holidaysUnlimited Paid Time Off Sick leaveParental/Adoption Leave 
In addition to our more traditional benefits, we also offer great perks, a flexible work environment, and numerous resources for professional development and team building.Promotional opportunities Rewards and recognition programs Robust onboarding and training programOne-time stipend for work-at-home employeesMonthly business expense stipendFlexible work environmentsEmployee Discount Program (Perks at Work)Employee Referral Program Lead Referral ProgramMacBook and awesome swag delivered to your doorEncouraging and collaborative culture RECHARGE PROGRAM (after 3 years, disconnect for 3 weeks, no email/slack) 🐉 About Quantum MetricAs the leader in Continuous Product Design, Quantum Metric helps organizations put customers at the heart of everything they do. The Quantum Metric platform provides a structured approach to understanding the digital customer journey, enabling organizations to recognize customer needs, quantify the financial impact and prioritize based on the impact to the customer and business’ bottom line. 
Today, Quantum Metric captures insights from 40 percent of the world’s internet users, supporting nationally recognized brands in ecommerce and retail, travel, financial services and telecommunications. Our customer retention rate is 98%. 
Quantum Metric has been named to the Inc 5000 and the Deloitte 500 for the last five-consecutive years, and has made the Best Places to Work lists by Glassdoor, BuiltIn, Fast Company and Forbes. 
If the above role seems like a match and you’re interested in joining a team of people with exceptional potential from diverse backgrounds, perspectives, and life experiences, we want to hear from you!
The job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Quantum Metric reserves the right to change, edit, and add duties and responsibilities of all job descriptions at any time, at its sole discretion, and to notify the respective employee accordingly. 
Quantum Metric will only provide offers of employment and all communications regarding employment from an official @quantummetric.com email address and/or LinkedIn inMail. Quantum does not recruit via channels such as WhatsApp or Telegram, and will not ask for a candidate’s sensitive information and/or any upfront fees/costs during the job application process. Quantum asks that any candidates report any suspicious recruitment efforts to security@quantummetric.com.
Quantum Metric is an E-Verify employer: https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster_ES.pdfApplicant Privacy Policy:  https://www.quantummetric.com/legal/applicant-privacy-policy/
#LI-REMOTE #BI-Remote