Position Title: Sr. Analyst, Security Compliance

Location: United States, Remote

If you want to be a key part of establishing and growing a large, global cloud consulting organization, then this opportunity may be for you. Teradata Corporation is a leader in delivering high power analytics to companies driving improved results and transformational capabilities. Our corporate security team is at the heart of ensuring we deliver our analytics solutions to our customer’s analytic ecosystem wherever they deploy our technology (on premises, managed cloud or public cloud). We are actively driving toward next generation service capabilities building on our already best in class services and consultants.  We are helping customers determine how to maximize the opportunities enabled by cloud and how to successfully navigate towards the cloud mandates that many of our large, global customers have in place.    

The member of the Information Security Compliance team will leverage broad technical knowledge of the security controls implemented at Teradata and provide requirements for compliance to security and privacy regulations. This is a global role with responsibility for responding to compliance requirements and customer security audits worldwide.

The ideal candidate will have experience and proven track record of analyzing the requirements for security and privacy assessments and prepare responses to client audits. Strong interpersonal skills are required to meet with clients and support onsite audits of Teradata controls.  This position will be primarily responsible for designing, implementing, and maintaining our security compliance program. Working closely with the business units, to advise on risk, consult on compliance requirements, build security awareness, enforce policies, respond to customer security questions, perform audits of Teradata suppliers, and manage third-party due diligence.

Key Areas of Responsibility 

Teradata Audit Readiness

• Understand Teradata’s security controls
• Respond to customer/prospect security requests (security documentation, independent penetration tests, etc.)
• Provide evidence of Teradata’s controls
• Negotiate remediation as required
• Track findings and work with teams to remediate risks

Security Compliance Management

• Understand requirements of security and privacy regulations
• Monitor new regulations and advise on business impact
• Develop and maintain metrics on compliance for third-parties and customers
• Coordinate with various internal/external stakeholders for pertinent compliance initiatives (SOX, ISO 27001, SOC 2 Type 2, GDPR)

 Third-Party Risk Management

• Identify security and privacy regulatory requirements
• Perform risk analysis of Teradata suppliers
• Perform and/or support due-diligence of Teradata suppliers
• Develop and maintain a third-party risk registry
• Track third-party compliance with Teradata’s security requirements
• Ensure committed remediation tasks are complete

 Qualifications

• Bachelor’s Degree required; technical certs desirable
• 7 – 10 years’ experience with internal security and compliance
• Experience achieving and maintaining ISO 27001, SOC 2 Type 2 compliance
• Drafting/enforcing internal security policies
• Experience in IT audit, information security, or compliance
• Comprehensive knowledge of various risk and security frameworks
• Comprehensive knowledge of SOC 2, ISO 27001, HIPAA, SOX, GDPR and global data protection and privacy laws
• A strong technical understanding of cloud security challenges and controls
• A good understanding of technologies and controls including hosts, databases, networking, and applications
• Experience performing audits, risk assessments, and reviewing and developing key processes and controls
• Experience presenting and communicating to Executive Management
• Ability to effectively work and collaborate with technical and non-technical resources
• Strong organizational skills