The Senior Process and Compliance Analyst will Manage process & compliance activities to implement and maintain industry best compliance and security frameworks like ISO, CSA, SSAE18 SOC, NIST, FDA, NIS, TISAX etc. Focus is to drive consistency across QAD in maintaining compliance controls and in maintaining applicable regulatory compliance requirements in the areas of Information Security, Service Management, Risk Management, Business Continuity Management, Privacy Management, Quality Management System, etc.
Performs gap analysis for compliance standards upgrades and guides functional teams in implementing required controls, and in updating policy and procedures.
Conducts internal compliance audits and demonstrates controls during external compliance assessments.
Note: The role requires the person to work in between 11 am to 11 pm (any 9 hour shift)
Responsibilities:
Compliance Management:
Manages and conducts internal process and security compliance audits
Manages and participates in external compliance audits and presents evidence and controls
Manages customer audit requests and coordinates with the global teams in gathering and presenting evidence
Documents audit observations/findings and follows-up with the impacted parties for closure of the audit findings
Performs gap analysis for certification upgrades and implements updates
Keeps track of changes to regulatory requirements
Process/Policy Management:
Ensures that process and policy documents meet the compliance control requirements
Works with respective business teams to implement missing controls, and assist the teams to update policy/process documents
Maintains compliance related registers like Risk, Continuous Improvements, etc.
Delivers training as required to the global teams on various compliance frameworks
Assists business functions in performing business impact analysis and in maintaining business continuity plans
Security/Quality/Risk assessment Questionnaires response:
Works with the global business functions in responding to third party questionnaires
Continuous Learning:
Proactively develops skill and knowledge on security and compliance standards and frameworks
Stays attuned to changes in industry compliance and regulatory requirements
Education/Certification: Bachelor in Engineering, Computer Science, IT, ISO 27001, ISO 20000 Lead Auditor Certifications are preferred (or achieved within 12 months)
Experience: 5+ years of Industry Experience that includes Compliance, Service and Security Managements, Cybersecurity best practice, etc.
Familiarity with industry leading compliance frameworks (e.g. CSA STAR, SSAE18 SOC 1 / SOC 2, ISO 27001, ISO 20000, ISO 9001, FDA, NIST, NIS 2, TISAX, etc.)
Exposure to compliance audit process
Process training delivery
Computer skills:
Knowledge of System/Network security and business operations
Knowledge on Project Management methodology, training material preparation and spreadsheets are preferred
Good business procedure writing skill
Other knowledge or skills: :
Analytical and Problem Solving ability
Customer service skills and proven ability to perform in fast-paced environment
Good communication skills and ability to handle sensitive matters with tact and diplomacy
Able to work independently
Capable of exercising judgment and discretion while utilizing company policies and practices to determine appropriate actions.
#LI-AD1
About QAD:
QAD Inc. is a leading provider of adaptive, cloud-based enterprise software and services for global manufacturing companies. Global manufacturers face ever-increasing disruption caused by technology-driven innovation and changing consumer preferences. In order to survive and thrive, manufacturers must be able to innovate and change business models at unprecedented rates of speed. QAD calls these companies Adaptive Manufacturing Enterprises. QAD solutions help customers in the automotive, life sciences, packaging, consumer products, food and beverage, high tech and industrial manufacturing industries rapidly adapt to change and innovate for competitive advantage.
QAD is committed to ensuring that every employee feels they work in an environment that values their contributions, respects their unique perspectives and provides opportunities for growth regardless of background. QAD’s DEI program is driving higher levels of diversity, equity and inclusion so that employees can bring their whole self to work.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
#LI-Remote