Junior Compliance Analyst (Remote)

Firmex is a global software-as-a-service provider with corporate headquarters in Toronto, Canada. The company’s Firmex VDR service is the world’s most trusted virtual data room, having been used by over 140,000 companies worldwide to share confidential documents for due diligence, litigation and compliance.
We are looking for a highly organized and detail oriented individual to join us as a Junior Compliance Analyst. In this role, you’ll report to the Risk & Compliance Manager and help with our compliance, risk, and IT security programs, including SOC 2, HIPAA, GDPR, and PSPC.

As our Junior Compliance Analyst, you will:

• Support our internal compliance controls to ensure compliance with internal policies and external standards. 
• Collaborate with various departments (Infrastructure, Security, HR, Development, Support, General Corp) to align policies with current business practices.  
• Assist in responding to client RFI's and risk assessments (technical sections, security, privacy, encryption, vulnerability management, access controls). 
• Support our vendor management program by helping with vendor security risk assessments.  
• Support security awareness programs, including delivering training, promoting security best practices and running educational campaigns. 
• Assist with external audits to ensure compliance and identify areas of improvement. 
• Support internal audits and risk assessments to maintain compliance and suggest improvements. 

What you'll need to be successful as our Junior Compliance Analyst:

• Strong organizational skills and ability to manage multiple projects simultaneously.
• Excellent communication and project management skills, as well as an eagerness to learn.
• Proven collaboration with cross-functional teams.
• Experience with project management software such as JIRA/Atlassian/Service Desk. 
• Familiarity with organizational controls and/or policies (SOPs) is a plus. 
• Exposure to IT systems, encryption, vulnerability management, monitoring, and SaaS applications in a public cloud environment such as AWS.
• Knowledge of Quality Management or Information Security Management Systems and standards such as SOC 2, ISO, HIPAA, GDPR, and FedRAMP for a SaaS organization.
• Experience with internal and external audit programs. 
• Experience or exposure to Agile software development methodologies. 

*Note: The “Core Duties” is a summary of the duties that are essential to this role and is not an exhaustive list. Firmex reserves the right to add or amend duties as necessary.
At Firmex, we’re guided by our core values of respect and collaboration to create an equitable, diverse and inclusive environment where all employees and candidates alike can thrive. BIPOC, LGBTQIA2S+, women, people with disabilities, internationally trained professionals and historically disenfranchised groups are encouraged to apply. If you need any accommodations or adjustments throughout the interview process and beyond, we’ll be happy to assist you.