Compliance Analyst (3rd Shift Hours)

At Instructure, we believe in the power of people to grow and succeed throughout their lives. Our goal is to amplify that power by creating intuitive products that simplify learning and personal development, facilitate meaningful relationships, and inspire people to go further in their educations and careers. We do this by giving smart, creative, passionate people opportunities to create awesome. And that's where you come in:
The Compliance Analyst is responsible for ensuring that the company adheres to all regulatory, legal, and internal compliance requirements. This role involves monitoring policies and procedures, conducting external and internal audits, identifying risks, and driving remediation to maintain compliance with industry standards and government regulations.

What you will be doing:

• Work 3rd shift hours to support a U.S. based team
• Perform internal audits, risk assessments, and investigations to identify compliance risks.
• Arrange, manage, and facilitate external assessments –  SOC2, SOC1, CyberEssentials, PCI DSS, and ISO27001 assessments.
• Collaborate with teams to implement compliance programs and guarantee operational adherence to information security and privacy requirements.
• Examine compliance-related issues and suggest corrective actions.
• Assist in responding to audits, regulatory inquiries, and internal investigations.
• Identify gaps in compliance and address the gaps through program management practices.
• Conduct reviews of new vendors and third-parties to validate compliance to INST policies and requirements..
• Gather data to develop metrics that measure and report on the effectiveness of Instructure's control framework
• Aid in the preparation of reports and documentation for senior management.
• Respond to customer, sales, legal, and marketing requests to aid in providing transparent and accurate knowledge to customers.
• Support GRC Team to maintain adherence to regulatory requirements, internal policies, and industry standards.
• Contribute to the overall direction, mission, and purpose of the Instructure GRC Team.

What you'll need to know/have:

• Education: Bachelor's degree in Business, Finance, Law, or a related field (Certified Compliance & Ethics Professional (CCEP) or similar certification is a plus).
• Ability to work third-shift hours to support a U.S. based team
• Experience: 2+ years of experience in compliance, risk management, audit, or a related field.
• Knowledge: Experience with regulatory frameworks such as SOC 2, ISO 27001, PCI DSS, NIST 800-53 or other industry-specific regulations,  Knowledge of privacy (GDPR) requirements is a plus.
• Skills: Strong analytical and problem-solving abilities, attention to detail, excellent communication and interpersonal skills, ability to work independently and as part of a team.
• Technical Skills: Proficiency in Google Suite and Microsoft Office Suite. Familiarity with GRC platforms like Audit Board and data analysis tools.  The ability to script using Python or other scripting languages is a plus.

We’ve always believed in hiring the most awesome people and treating them right. We know that the more diverse we are, the more diverse our ideas will be and when we openly welcome those ideas, our environment is better and our business is stronger.
All Instructure employees are required to successfully pass a background check upon being hired.