Compliance Analyst

CCC is currently looking for a Compliance Analyst.  You are a highly skilled and motivated person with expertise in ISO 27001, SOC 2 Type 2, and PCI compliance standards. In this role, you will be responsible for ensuring that our organization maintains compliance with these critical frameworks, which are fundamental to our information security and data privacy practices. This is a hybrid position with our compliance team coming into our Danvers, Massachusetts office for pre-Audit and Audit meetings. You will play a key role in conducting assessments, implementing controls, and driving continuous improvement initiatives to enhance our compliance posture. Ideally, you will possess in-depth knowledge of these standards, strong analytical abilities, and excellent communication skills to effectively collaborate with cross-functional teams.

Compensation range:  104K-112K 

The actual salary offer to the successful candidate will be based on job-related education, training, licensure, certifications, related experience and other related factors.  

Other compensation:  Performance bonus eligible

What you will be doing:  

• Lead Compliance Programs: Oversee the implementation, maintenance, and enhancement of compliance programs for ISO 27001, SOC 2 Type 2, and PCI DSS.
• Conduct Assessments & Audits: Perform regular assessments, audits, and gap analyses to ensure adherence to compliance standards.
• Manage Compliance Processes: Monitor, track, and manage compliance-related activities, including Quarterly Access Reviews, control testing, and documentation updates.
• Stakeholder Collaboration: Work with internal teams to develop and implement control measures and processes that meet compliance requirements.
• Support External Audits: Assist in external audits by providing necessary documentation and support, ensuring smooth communication with auditors.
• Stay Informed & Train Staff: Keep up with regulatory changes, provide guidance, and train employees on compliance-related matters.

What you skills/experience you need to have:  

• Educational Background: Bachelor's degree in IT, computer science, or related field. Advanced degrees or certifications (e.g., CISSP, CISA, ISO 27001 Lead Auditor) are preferred.
• Experience & Expertise: Minimum of 4 years in information security, compliance, or risk management, with a focus on ISO 27001, SOC 2 Type 2, and PCI DSS.
• Compliance & Risk Management: Proficient in implementing and maintaining compliance programs, conducting risk assessments, control evaluations, and gap analyses.
• Analytical & Technical Skills: Strong analytical abilities to assess complex systems, identify risks, and develop control measures. Familiarity with tools, methodologies, and frameworks like NIST and GDPR is a plus.
• Communication & Collaboration: Excellent communication skills for conveying technical concepts to non-technical stakeholders and working effectively across teams.
• Professionalism & Integrity: High ethical standards, with the ability to manage multiple projects, work independently, and maintain confidentiality in a fast-paced environment.

A pioneer in voluntary collective licensing, CCC is a leading information solutions provider to organizations around the world. CCC works to advance copyright, accelerate knowledge, and power innovation. 
CCC helps organizations harness the power of data, AI, and machine learning to drive strategic decision-making, grow their businesses, and gain competitive advantage.

CCC is more than a company, it’s a community. Our smart, talented, and compassionate team members make CCC a special place to work. We invest significantly in their development and well-being to give them the resources they need to grow. 

CCC is committed to a diverse, inclusive, equitable, and vibrant ecosystem that cultivates opportunity for our team and attracts talented people.  We are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy, national origin, age, physical and/or mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and/or veteran status,  and any other characteristic protected by applicable law.  

If you need accommodation for any part of the employment process because of disability, please contact our HR Department and let us know the nature of your request.