Santiago, Dominican Republic
20 days ago
Security Analyst – Compliance (Remote)
JOB TITLE: Security Analyst – Compliance (Remote)

LOCATIONS: Santiago, DR

GENERAL DESCRIPTION OR PURPOSE OF JOB:

The Security Analyst – Compliance is primarily responsible for helping ensure our organization adheres to the SOC 2 (System and Organization Controls) requirements. Further, the incumbent will help maintain compliance with our PCI DSS program, SOX program, and internal policies and standards.

This role will collaborate with cross-functional teams to collect and assess evidence to satisfy security requirements. The individual must be a motivated team player with a positive attitude and solid interpersonal skills who can quickly take ownership within their area. The individual must be hands-on, able to work under minimal supervision, and able to work in a fast-paced environment.

RESPONSIBILITIES / ESSENTIAL FUNCTIONS:

SOC 2 Program Management:
- Lead or assist in the development and maintenance of the SOC 2 program, including policies, procedures, and controls.
- Conduct internal assessments to identify and mitigate risks related to SOC 2 compliance.
- Coordinate and collaborate with external assessors and stakeholders.
- Prepare reports and presentations on SOC 2 compliance status.

SOX and IT Policy/Standard Program Support:
- Provide support to help ensure compliance with Jostens Information Security Program, and PCI and SOX programs.
- While the primary role is SOC 2 compliance, the candidate will be asked to back up other GRC activities.

Additional Duties and Responsibilities:
- Risk Assessment: Assess risk, and coordinate, document, and validate evidence to meet Jostens cybersecurity and risk requirements. Ensure appropriate treatment of risk.
- Audit/Assessments: Facilitate audits and assessments of IT programs and individual components to determine compliance with published standards (e.g., ISO27000, PCI, etc.).
- Third Party Risk Management Training: Develop, plan, coordinate, deliver, and/or evaluate training courses.
- Metrics: Regularly report security metrics, proposing improvement as needed.
- Privacy: Coordinate with legal and IT teams on privacy requests.

Required:

Education: Bachelor’s degree in Business or Accounting, Information Security, Information Management Systems, Cybersecurity or other applicable area, or related work experience.

Experience: Minimum one year in Information Security, IT Audit, or related role.

Professional Skills:
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication skills.
- Ability to collaborate with cross-functional teams and external partners.
- Attention to detail with experience prioritizing and managing multiple projects with competing priorities.
- Strong influencing, problem solving and decision-making skills.

Preferred:
- Five years in Information Security, IT Audit, or related role.
- Working knowledge of SOC 2 requirements.
- Hands-on experience with SOC 2 Type 2 and PCI DSS compliance programs.
- Experience with security risk assessment methodologies and tools.
- Experience related to Audit, Security, Governance, Risk and Compliance, and/or process development/documentation.
- Understanding or familiarity with frameworks (ISO27001, NIST, GDPR, CCPA, PCI, SOX, etc.).