About Clearwater Analytics®
Clearwater Analytics® is a global SaaS solution for automated investment data aggregation, reconciliation, accounting, and reporting. Clearwater helps thousands of organizations make the most of investment portfolio data with cloud-native software and client-centric servicing. Every day, investment professionals worldwide trust Clearwater to deliver timely, validated investment data and in-depth reporting. Technology Risk and Compliance Analyst
The Clearwater Risk and Compliance team works side by side with the Information Security team and Cybersecurity program across the organization. We are looking for an analyst to drive audit initiatives, write, maintain, and improve upon policies and standards, and aid in the implementation of security initiatives to improve overall security at Clearwater. Technology Risk and Compliance Analysts are highly motivated, process driven professionals with basic technical knowledge, willingness to learn and implement new ideas, and good written and verbal communication skills. Responsibilities
- Drive internal Policy and Standard creation and review.
- Lead regular and annual SOC 1 and SOC 2 audit requests, along with occasional client audit request.
- Conduct compliance audits to ensure proper security practices are being followed.
- Conduct and report on annual and ad-hoc Risk Assessments.
- Train and onboard new Technology Risk & Compliance Analysts.
- Occasionally assist with company-wide security training.
- Occasionally assist with vendor security reviews for new software requests.
- Implement compliance goals and research new and developing laws, standards, frameworks, and best practices.
- Draft and edit technical documentation for Information Security and Corporate IT, occasionally sending multi-department email announcements.
- Improve processes and enhance overall security posture by applying industry-standard security practices and controls to Clearwater's environment.
Desired Experience and Skills
- 5+ years of experience with compliance, audit, or operations including development of internal controls, policies, and procedures.
- Knowledge of UK and European IT Regulatory policies
- Significant experience in dealing with clients or internal stakeholders.
- BS, BA in Information Technology, Computer Science, Information Security, or other related
- Experience performing or undergoing internal and external audits.
- Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.
- Excellent verbal, written, and interpersonal communication skills.
- Experience from a Top 20 firm, Bank, Fintech or Corporate very welcome
- Relevant security certifications (SSCP, CISSP, CISA, etc)
- Experience conducting audits for or implementing programs such as ISO 27001
- Demonstrated experience with SOC 1 and/or SOC 2 audits and monitoring control activities
- We are open to experience from both Financial Services and Non-FS environments