What is special about Lighthouse?
Lighthouse is built on a foundation of unique, compassionate, highly driven individuals. We elevate the strengths and talents of those around us while leveraging opportunities for growth. We offer the experience of solving complex problems while continuing to grow multiple facets of your career. Lighthouse is where innovation meets support and where collaboration is the key ingredient to success. We grow together and are stronger together.
What’s unique about this role?
This role supports the Information Assurance and Privacy team as a driver of risk management, compliance management, assessments, security controls, and awareness throughout the organization. The Senior Compliance Analyst will play a crucial role in ensuring that our company complies with all regulatory requirements and internal policies. This position involves a deep understanding of eDiscovery and the technology utilized, as well as monitoring, auditing, and reporting on compliance activities, and providing support and guidance to various departments. The role also includes managing incoming security assessments from clients and ensuring vendors are reviewed within the contracting platform.
What will this person do?
- Develop, implement, and maintain compliance policies and procedures. Collaborate in the development and maintenance of an information security policy set, including standards and processes that fit the organization at all levels and ensure the confidentiality, integrity, and availability of the enterprises’ information. Seek and confirm management approval as required. Liaise with Service Delivery and Product Development to ensure that information security architecture standards, policies, and procedures are available and enacted consistently across application development projects, programs, and eDiscovery workflows.
- Assist in conducting regular audits and assessments to ensure adherence to regulatory requirements. Ensure operational compliance of the information assurance and privacy compliance programs, including but not limited to SOC II, ISO 27001, and HIPAA.
- Monitor and analyze regulatory changes and their impact on the company.
- Develop and maintain a working knowledge of company's service offerings and products within the eDiscovery industry.
- Provide training and support to employees on compliance-related matters within an eDiscovery framework.
- Investigate and resolve compliance issues and complaints.
- Prepare and submit compliance reports to regulatory bodies and senior management.
- Collaborate with client services, sales, legal, finance, and other departments to ensure comprehensive compliance coverage.
- Maintain up-to-date knowledge of industry best practices and regulatory developments.
- Manage incoming security assessments from clients and ensure timely responses.
- Review and assess vendors within the contracting platform to ensure compliance with company standards.
- Oversee and maintain risk register, ensuring timely resolutions of open risks.
- Ensure that strategic information security and risk guidance is provided to third-party suppliers in accordance with internal frameworks and ensure compliance with enterprise and/or client required controls.
- Coordinate with stakeholders, subject matter experts, and external regulators with enterprise incident management, including the identification, reporting, control, and recovery of incidents.
- Work with stakeholders to ensure that availability of information is considered in Business Continuity and Disaster Recovery planning. Coordinate with IT leadership on IT/DR plan development and facilitate tabletop exercises.
- Participate in the Information Security Steering Counsel and provide guidance to non-technical members of the council to ensure all members’ effectiveness.
- Build sound, collaborative business relationships across the enterprise to enable a strong understanding and close alignment with business needs, direction, and risk appetite.
- Foster continuous improvement of enterprise’s information security and privacy compliance through accurate, timely and effective metrics and corrective action programs.
- Ability to plan, scope and estimate work effort to produce high quality deliverables in time/on budget.
- Perform other related duties as assigned.
Bring your passion and together we will shine. It would also be great if you had the following:
- Bachelor's degree desired
- Minimum of 5 years of experience in compliance or eDiscovery.
- Minimum of 3 years providing SaaS services
- Strong understanding of regulatory requirements and compliance standards.
- Background in eDiscovery, including experience with eDiscovery tools and processes.
- Relativity expertise a strong plus
- Excellent analytical, organizational, and problem-solving skills.
- Ability to communicate effectively with all levels of the organization.
- Proficiency in compliance management software and tools.
- Knowledge of eDiscovery, Application Security, IT Security Policy and governance, Risk Management, Incident Management
- Exceptional interpersonal skills with the ability to speak clearly and with authority to auditors, clients, regulators, and senior company personnel.
- Intellectual curiosity and the ability to learn new concepts quickly and efficiently.
- Highly solution-focused; strong sense of urgency with a passion for 100% availability
Work Environment and Physical Demands
- Duties are performed in a typical office environment while at a desk or computer table.
- Duties require the ability to use a computer, communicate over the telephone, and read printed material, in a quiet and professional setting.
- Duties may require being on call periodically and working outside normal working hours (evenings and weekends).
Lighthouse celebrates and thrives on diversity and is an Equal Opportunity Employer. We hire, train, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law. We welcome any talents and contributions you can bring to the team and are deeply committed to growing an environment where everyone can feel safe, is respected, and can show up as themselves. Come as you are!
As required by applicable pay transparency laws, Lighthouse complies with compensation disclosure requirements for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location, or other relevant factors. The salary range for this position may be tailored to be lower or higher in different talent markets.
Lighthouse offers a comprehensive quality benefits package including medical, dental, vision, and a 401k with company match. Company paid benefits also include Life & AD&D, short and long-term disability, telemedicine, and other wellness plans. We offer a generous Flexible PTO program and paid volunteer days. Employees may also participate in voluntary insurance plans including accident, hospitalization, and critical illness plans as well as pet insurance.
This role will be eligible to participate in an annual bonus or incentive program.
As a trailblazer and catalyst for change, Lighthouse rises to each opportunity to help our clients, and our people do what they do best—shine.