Compliance and Risk Analyst

OSI Engineering, Inc.
security, risk, audit, soc 2, iso, risk prioritization, compliance
Full Time
Depends on Experience

Job Description

Compliance and Risk Analyst


We are on a mission to transform the way businesses drive revenue and customer engagement through data-rich digital experiences. Powered by the Platform, marketers create and deliver live, always-on and personalized webinar, content and virtual event experiences to engage audiences in real-time, to generate powerful buying signals and to accelerate pipeline. With billions of engagement minutes created, is the network where enterprises engage prospects and customers at global scale. Headquartered in San Francisco, the company has a wide international footprint serving the regions of North America, EMEA and JPAC.


The Compliance Analyst will be responsible for information security compliance efforts to safeguard customer, employee, and company data in accordance with industry standards for a global enterprise SaaS company. You will work to determine and implement appropriate standards and controls that inform policies and procedures, manage security audits and assessments, and address third-party risks.



  • Design, implement, and maintain a continuous compliance framework.
  • Perform internal auditing functions and compliance reviews.
  • Oversee and participate in external compliance audits/certifications.
  • Create and maintain company security & compliance policies and procedures.
  • Research new regulatory compliance requirements, legal obligations, and framework revisions.
  • Provide guidance and subject matter expertise to project teams on security and compliance.
  • Evaluate and implement GRC products/solutions.
  • Manage the risk register and develop metrics for reporting risk.
  • Recommend, document, and monitor implementation of risk treatment plans.
  • Develop and maintain a vendor risk management program. Oversee and perform internal assessments such as SIG and CSA CAIQ.
  • Support Sales and Sales Engineering by maintaining knowledge base, assisting with inquiries, and representing ON24 in conversations with customers/prospects.
  • Develop and maintain supporting documentation, whitepapers, and other sales collateral.
  • Evangelize security across the organization.
  • Develop and maintain security awareness training materials.
  • Work across the organization to evaluate and address gaps in governance, risk, and compliance.
  • Manage cross-team initiatives related to security and compliance.


Required skillsets

  • At least 5 years of work experience in security, risk, or audit roles.
  • Hands-on experience implementing control frameworks and providing audit support (e.g. SOC 2, ISO 27001, FedRAMP).
  • Deep understanding of security threat modeling, risk prioritization, and technical security measures.
  • Excellent written and verbal communication skills.
  • Ability to work effectively and drive results in a remote team setting.
  • Bachelor's degree or equivalent experience.


Desired skillsets

  • Security certifications, e.g. CISSP, CISA/CISM, GIAC, CCSK, etc.
  • Experience working in SaaS, hybrid-cloud environments.
  • Experience securing/auditing cloud, virtualization, and containerization platforms.
  • Knowledge of various privacy related regulations.
  • Experience with FedRAMP authorization process.


Submit resume to


Type: Fulltime

Location: Remote in US


Tony Do

408.550.2800 x115


Company Information

OSI Engineering is a leading talent acquisition and services company, building powerful IT and Engineering development teams to meet speed-to-market demands across the US. We develop, implement and manage workforce solutions through every stage of the product lifecycle, from early application development through final production, delivering the highest-level technology professionals. Our capabilities include technical staff augmentation, managed service programs and resource planning solutions.

With over 20 years of experience, OSI’s technical expertise spans the software stack from the firmware layer up to the user interface. We deliver dynamic and diverse teams for IT Services, Networking Data Services, Cloud Infrastructure and Services, Big Data, Mobile Hardware and Applications, Internet of Things (IoT), Connected Car, Enterprise Information Security and Data Science. Our quality-focused approach to talent acquisition and services helps our clients successfully launch their concepts and products that change the world.

Dice Id : 10365912
Position Id : 7128066
Originally Posted : 1 month ago