Senior Compliance Analyst (100% Remote in Columbia MD, Atlanta GA or Detroit MI)
Merkle is a leading data-driven, technology-enabled, global performance marketing agency that specializes in the delivery of unique, personalized customer experiences across platforms and devices. For more than 25 years, Fortune 1000 companies and leading nonprofit organizations have partnered with Merkle to maximize the value of their customer portfolios. The agency’s heritage in data, technology, and analytics forms the foundation for its unmatched skills in understanding consumer insights that drive people-based marketing strategies. When combined with its strength in performance, creative, and media, Merkle creates customer experiences that drive improved marketing results and shareholder value. With more than 9,600 employees globally, Merkle is headquartered in Columbia, Maryland, with over 50 locations worldwide.
- “Applicants must be currently authorized to work in the U.S. on a full-time basis. No sponsorship is available for this position or work transfers.”
Location to work
- Must live in the Columbia MD, Atlanta GA or Detroit MI (100% Remote)
Tech Stack Knowledge Required
- Experience w/internal & external audits, responding to MSA, BAA’s, SOW’s & RFP’s, Experience w/compliance, SOC2, ISO27001, PCI, CISA, CRISC, CISSP
The IT Risk Analyst role will report to the Information Security Officer. The role will work with a team of geographically distributed Merkle staff and contract employees. This role is responsible for internal and external compliance audits, evidence gathering, compliance documentation, and the stability and optimization of the IT Risk Management and Compliance activities within the IT Security portfolio. The Analyst must be an accomplished auditor, skilled in a number of Core Competencies, to include documentation management, knowledge of information systems, general security practices, information gathering, and providing exemplary customer service. This role will work with other IT leaders to ensure seamless service delivery of IT Risk and client support.
Essential Tasks and Responsibilities:
- Managing the internal audit schedules
- Lead client and internal audits
- Contribute to the development of Security and IT Risk standards and best practices for process/procedures accepted in the industry and appropriate for Merkle
- Responsible for ensuring resources are aligned with the resource model in order to effectively manage staff utilization and prioritization
- Manage all customer escalations according to defined service levels
- Manage the daily activities of the IT Risk function and in a matrixed way, the resources that perform security functions across Merkle
- Provide content as requested for the client RFP process including information relating to Merkle security and risk policies, practices, and compliance
- Manage BC/DR test planning, execution, training, and maintenance projects for Merkle and its clients
- Manage Disaster Recovery coordination efforts.
- Interface effectively with external client audit staff to minimize high risk findings and exposure to Merkle
- Participate in SSAE16 program audits
- Participate in PCI program audits
- Enforce Merkle security policies, standards and practices
- Provide metrics related to key performance objectives and service levels.
- Act as a coach and mentor for less experienced team members.
- Provide on-call and after-hours support as required
- Uphold and promote Merkle’s core values and culture
Measures of Success:
- Delivering error free compliance related document reviews to the legal and sales teams
- Identifying risk in the internal audit process
- Meet or exceed the defined service level objectives.
- Consistently deliver IT solutions that exceed customer expectations on-time/budget.
- Participate in defining a vision and strategy for Merkle’s Security and IT Risk portfolio.
- Positive recognition as noted on Employee and Customer satisfaction surveys, completed on a periodic basis.
- Record of successful client and third-party audits and reviews of Merkle’s security profile.
- Effectively collaborate with Merkle Sales teams responding to RFP/ RFI relating to Merkle security policies, practices, and capabilities.
- Demonstrate the ability to work as part of a team and share knowledge with team members.
- Ability to multi-task, prioritize, manage workload and adapt to changing business conditions.
- Ability to assess and communicate project and technology budgets and delivery schedules.
- Understanding of emerging methodologies, technologies, architectures products, and philosophies in the IT Security and IT Risk portfolio.
- Ability to document risk
- Ability to perform risk assessments from data gathered during audits
- Active participant on the IT Management team, collaborating with peers on steady state as well as strategic direction.
- Proactive, upbeat and collaborative communication style, with the ability to be direct, tactful, and transparent.
- Provide continuous improvement with regard to the quality of delivered services.
- Ability to balance the delivery of strategic initiatives against the competing needs of operations and support.
- Ability to successfully engage external client audit staff to minimize high risk findings and exposure to Merkle.
- Solid knowledge of ISO27001/27002, COBIT, NIST 800-53 and similar controls frameworks and associated security practices.
- Ability to effectively recognize, research, classify as to risk, and follow up on security compliance issues.
Education and Experience:
- Bachelor’s Degree preferred. Equivalent work experience can be substituted for college education.
- Requires 3+ years of experience implementing and managing IT Risk/Disaster Recovery solutions operating in a 24/7 environment.
- CISA and/or CISSP certifications highly desired. Preferred additional certifications include CISM; CRISC; CBCP and MBCP.
The anticipated salary range for this position is $65k to $85k. Salary is based on a wide range of factors that include relevant experience, knowledge, skills, other job-related qualifications, and geography. A range of medical, dental, vision, 401(k) matching, paid time off, and/or other benefits also are available. For more information regarding dentsu benefits, please visit https://dentsubenefitsplus.com/
Employees from diverse or underrepresented backgrounds encouraged to apply.
Dentsu (the "Company") is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee of the Company, on the basis of age, sex, sexual orientation, race, color, creed, religion, ethnicity, national origin, alienage or citizenship, disability, marital status, veteran or military status, genetic information, or any other legally-recognized protected basis under federal, state or local laws, regulations or ordinances. Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and/or certain state or local laws. A reasonable accommodation is a change in the way things are normally done that will ensure an equal employment opportunity without imposing an undue hardship on the Company. Please contact [email protected] if you need assistance completing any forms or to otherwise participate in the application process or to request or discuss an accommodation in connection with a job at the Company to which you are applying.