Job Description
Key Responsibilities
The Role
The Compliance Analyst strengthens SATS cybersecurity posture by turning regulatory and industry requirements into clear, enforceable policies and day‑to‑day practices. The role partners closely with Security Architecture & Risk Management to align SATS policies and standards with legal, regulatory, and benchmark expectations; manages enterprise compliance assessments; prepares regulatory submissions (e.g., ISO/IEC 27001, PCI DSS, NIS2); and coordinates evidence and interviews for audits.
This analyst also manages the ongoing enterprise‑wide cybersecurity training program and when necessary, works directly with business personnel in translating ongoing compliance requirements and needs into practical business language.
Key Responsibilities
- Collaborate with Security Architecture to develop, review, and align SATS cybersecurity policies and standards with legal, regulatory, and industry benchmarks.
- Collaborate with other teams (Internal Audit, Cyber, Enterprise Risk, others) to support assessments across the enterprise and ensure adherence to SATS cybersecurity policies and standards.
- Coordinate with internal/external auditors of enterprise security capability, managing requested interviews, and artifact/evidence requests.
- Prepare and submit any necessary reports/attestations to regulatory bodies and schemes (e.g., ISO/IEC 27001, PCI DSS, NIS2) to demonstrate compliance.
- Collaborate with and, when needed, manage workload and direction of interns or consultants engaged within the Cybersecurity function.
- Manage an ongoing enterprise‑wide cybersecurity training program including course selection, license management, population updates, and platform troubleshooting.
Key Requirements
Bachelor's degree in Information Security, Information Systems, Compliance/Law, or related discipline; equivalent experience considered.Relevant certifications preferred (e.g., ISO 27001 Lead Auditor/Implementer, CISA, CISSP, PCI ISA).3–5 years in cybersecurity compliance, audit, or policy governance within a regulated or standards‑driven environment.Hands‑on experience conducting compliance assessments and coordinating audits.Experience preparing submissions for certifications/regulators (e.g., ISO 27001, PCI DSS, NIS2).Background partnering with Security Architecture and cross‑functional teams (IT, Legal, HR, Internal Audit).Experience designing and delivering security awareness/training at enterprise scale.Exposure to managing or directing external consultants.Technical depth in one of the following: networking, computing, cloud, or AI.Strong grasp of cybersecurity policies/standards lifecycle and their mapping to legal, regulatory, and industry benchmarks.Working knowledge of ISO/IEC 27001, PCI DSS, and NIS2 expectations and evidence requirements.Proficient in audit coordination, evidence management, and defensible documentation.Clear, concise writer able to produce policies, standards, reports, and management‑ready summaries.Effective program management skills for managing initiative workloads.Stakeholder management and negotiation skills, including with regulators, auditors, and consultants.Organized, detail‑driven, and deadline‑reliable; able to manage multiple concurrent requests.This role does not require regular business travel (generally
