Compliance & Audit Analyst

New York, NY

EvolutionIQ

EvolutionIQ is the leading insurance claims guidance platform, providing faster recoveries and smarter decisions for carriers


About Us: EvolutionIQ’s mission is to improve the lives of injured and disabled workers and enable them to return to the workforce, saving billions of dollars in avoidable costs and lost productivity to the US and global economies and making insurance more affordable for everyone. We are currently experiencing massive growth, and to accomplish our goals we are hiring world-class talent who want to help build and scale internally and transform the insurance space. Our team is our #1 priority, and we have been named one of Inc.’s Best Workplaces 3 years in a row!

We are seeking a proactive and detail-oriented Compliance & Audit Analyst to join our Security team, reporting to the Chief Security Officer. This role will be instrumental in ensuring our operations remain compliant with internal policies, industry regulations, and audit standards, and in helping maintain our certifications. The ideal person will bring a sharp analytical mindset, excellent organizational skills, and a proactive approach to problem-solving and process improvement.

In this role, you will:

  • Support the development, implementation, and maintenance of compliance programs and internal audit processes. 
  • Conduct regular audits and risk assessments across various departments to ensure adherence to internal policies and regulatory requirements.
  • Collaborate with cross-functional teams to identify compliance gaps and recommend practical solutions.
  • Prepare and present reports on audit findings, including risk areas and corrective action plans.
  • Maintain accurate documentation and records related to audits, risk assessments, and compliance activities.
  • Stay up-to-date with changes in regulatory requirements and industry best practices.
  • Assist with vendor risk management, data protection reviews, and third-party compliance checks.
  • Promote a culture of compliance and integrity throughout the organization.

Required experience and skills:

  • Bachelor’s degree and 3+ years of experience in compliance, audit, risk management, or a related area. (In lieu of a degree, 5+ years is acceptable.)
  • Experience working in a tech or software company is strongly preferred.
  • Working knowledge of cybersecurity standards and frameworks such as ISO/IEC 27001/ISO 27002, NIST, HITRUST and SOC2, and a working understanding of laws and regulations associated with information security and privacy such as HIPAA, CCPA, GDPR, PCI, etc.
  • Work in tandem with the CSO to perform ongoing internal security program assessments and ensure that HITRUST and SOC2 certification controls are maintained by their owners. 
  • Experienced with and comfortable working in a GRC tool like Vanta or Drata, as well as configuring and maintaining it.
  • Work in tandem with the CSO to accurately provision Customer and Third-Party Security Compliance Assessments on a timely basis.
  • Analyze findings, document, recommend and report program gaps to security leadership.
  • Experience with auditing Google Workspace and Google Cloud is a very big plus.
  • Keen attention to detail and the ability to manage multiple priorities and deadlines with a proactive and solution-oriented mindset are needed.
  • Excellent written and verbal communication skills, with the ability to communicate effectively with both technical and non-technical audiences at various levels within the organization.
  • A self-starter who takes initiative and can work independently with the appropriate level of support.
  • Someone who thrives in a fast-paced, evolving environment and is eager to learn and grow their knowledge in a well-mentored team.
  • A team player who can collaborate effectively across departments and functions.

Work-life, Culture & Perks: 

  • Compensation: The salary range for this role is between 100k-120k base with flexibility, plus a meaningful equity plan.
  • Hybrid: This role is a combination of WFH and occasional in-office syncs.
  • Well-Being: Full medical, dental, vision, short- & long-term disability, 401k matching: 100% of the employee contribution up to 3% and 50% of the next 2%.
  • Home & Family: Flexible PTO, 100% paid parental leave (4 months for primary caregivers and 3 months for secondary caregivers), sick days, paid time off. For new parents returning to work we offer a flexible schedule. We also offer sleep training to help you and your family navigate life schedules with a newborn.
  • Office Life: Catered lunches, happy hours, pet-friendly spaces, and home office stipend.
  • Growth & Training: $1,000/year for each employee for professional development, as well as upskilling opportunities internally.
  • Sponsorship: We are open to sponsoring candidates currently in the U.S. who need to transfer their active H1-B visa.

 

EvolutionIQ appreciates your interest in our company as a place of employment. EvolutionIQ is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.


Tags: Audits CCPA Cloud Compliance GCP GDPR HIPAA HITRUST ISO 27002 NIST Privacy Risk assessment Risk management SOC 2

Perks/benefits: 401(k) matching Career development Equity / stock options Flex hours Flex vacation Health care Home office stipend Insurance Medical leave Parental leave Pet friendly Team events

Region: North America
Country: United States
