Senior Information Compliance & Analyst

Information Technology United States Nashua, New Hampshire Minneapolis, Minnesota


Optimizely is focused on unlocking digital potential and we are the recognized category leader in Digital Experience Platform (DXP) and created the category for A/B Testing and experimentation software. We have incredible customers – isn’t that one of the most important aspects of looking for your next job? Optimizely has over 9,000 brands from global organizations such as Visa, Sky, Yamaha, Wall Street Journal to tech innovators like Atlassian, DocuSign, FitBit and Zillow.

Not only are we financially sound and growing but we have unicorn status: Exceeded $300M in revenue in 2020, is profitable already, and has all strategic options ahead of itself. Optimizely continues to invest and addresses a market opportunity north of $30 billion, providing significant personal career growth opportunities.

We are an inclusive culture with a global team of 1200+ people across the US, Europe, Australia, and Vietnam. We blend European and American business culture with emphasis on teamwork, inclusion, and moving fast. People make the difference!

If you are looking to work on the next generation of digital technologies in a fast-paced, hyper-growth environment, apply! We’re just getting started...

The focus of this position is on the internal information compliance & risk area. The analyst will assist with designing, implementing, supporting and maintaining policies and security solutions for our enterprise infrastructure and cloud-based products and services. The analyst must be organized with an ability to self-manage with multiple high priority initiatives.

As a Information Compliance & Risk Analyst you will:

  • Support critical information compliance & risk projects including the development and management of global policies and procedures, while ensuring proper alignment to company objectives.
  • Assists with ongoing support of our ISO 27001 certification, as well as GDPR and new regulatory or compliance needs.
  • Serves as a support resource to assist with information compliance, security & risk questions for the organization, and for customers, partners, auditors, and regulators.
  • Assists in the development of a security and compliance knowledge base to be utilized while responding to information security requests and questionnaires from customers and prospects.
  • Maintains efficiencies and effectiveness of compliance monitoring programs, while making improvements and suggestions where relevant.
  • Supports third-party vulnerability monitoring, security audits, and risk assessments.
  • Audits and regularly evaluates company performance for compliance to information security standards.
  • Reports key metrics relating to information security projects, monitoring programs, and issues.
  • Performs additional duties as required.
  • Assists with development and delivery of security awareness training.
  • Performs security related evaluations and follow-ups with vendors.

About you:

  • BS in Computer Science, Information Systems, IT, etc.
  • 2+ Years’ experience within an information security role, supporting cloud-based solutions.
  • Excellent written and verbal communication skills, for effective interaction with Optimizely team members, customers, partners, and auditors.
  • Experience with compliance standards such as: ISO, ITIL, NIST, PCI, and SOC.
  • Strong risk management and auditing experience.
  • Experience with data privacy regulations such as GDPR and Privacy Shield.
  • Certification preferred in CISSP, CISA, CISM, CompTIA, GSEC, CEH, or similar certification relating to information security preferred.
  • Active certification required as an ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, or ISO 27001 Internal Auditor

Optimizely is committed to a diverse and inclusive workplace. Optimizely is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.