Security Compliance Analyst

extra holidays - extra parental leave - work from anywhere - fully flexible
Work set-up: Full Remote
Salary: 70 - 70K yearly
Experience: Entry-level / graduate

Offer summary

Qualifications:

  • Minimum of 2 years of experience in ISO 27001 or SOC 2 audit roles.
  • Strong understanding of ISO 27001 and SOC 2 control requirements.
  • Excellent communication skills for stakeholder engagement.
  • Bachelor's degree in computer science, information security, or related field.

Key responsibilities:

  • Support planning and execution of ISO 27001, SOC 2, and other audits.
  • Identify and remediate control gaps in collaboration with teams.
  • Collect and review evidence to demonstrate compliance.
  • Advise teams on security frameworks, audit procedures, and process improvements.

Veeva Systems Computer Software / SaaS SME http://www.veeva.com
5001 - 10000 Employees

Job description

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth potential ahead.

At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.

As a Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.

Join us in transforming the life sciences industry, committed to making a positive impact on its customers, employees, and communities.

The Role

As a Security Compliance Analyst, you will help ensure ongoing compliance with relevant regulations and maintain current certification status against ISO 27001 and SOC 2 in addition to various other standards and certifying bodies. You will support all aspects of Veeva’s security compliance efforts including audit readiness assessments, gap analysis and remediation, evidence collection, and audit planning and management.

Strong teamwork skills and an ability to operate with minimal direction are essential to success in this role.

What You'll Do
  • Support and help plan annual ISO 27001, SOC 2, and other third-party audits
  • Work with other compliance analysts, product, and internal teams to identify control gaps and plan their remediation
  • Monitor progress toward control gap closure
  • Collect, organize, and review control evidence
  • Serve as subject matter expert in relevant security compliance frameworks, auditing procedures, and evidence requirements
  • Serve as an advisor to engineering, IT, and business process teams to assist them in supporting compliance efforts
  • Collaborate with senior leaders to determine audit scope
  • Communicate status, opportunities, and compliance risks with senior leaders and other stakeholders
  • Support the analysis and evaluation of audit frameworks to determine applicability and compliance resource requirements
  • Identify policy and process improvement opportunities, automation opportunities, develop recommendations, and communicate with stakeholders collaboratively
  • At all times you will be expected to communicate effectively and build positive relationships with other Veeva teams

Requirements
  • 2+ years of experience in roles where the primary responsibilities are centered on achieving successful ISO 27001 or SOC 2 Type 2 audit results. This includes:
  • Thorough understanding of the requirements for all the controls in the ISO 27001 and/or SOC 2 standards
  • Engaging stakeholders (internal customers, executive leadership, technology and business teams) to motivate and influence behaviors and decisions in support of compliance
  • Experience in assessing control gaps and advising engineering and business process teams on closing those gaps
  • Generating and collecting evidence necessary to demonstrate adherence to the ISO 27001 or SOC 2 standards
  • Reviewing and organizing evidence to ensure that it can be used to demonstrate standards compliance
  • Demonstrated experience and track record of success working in a team-oriented, collaborative environment
  • Demonstrated ability to work independently
  • Highly attentive to details
  • Strong verbal and written communication skills

Nice to Have
  • Experience with FISMA, GovRAMP, FedRAMP, SOX, HIPAA regulations/compliance frameworks
  • Relevant certifications such as CISSP, CISA, CRISC, CIPP, CIPM, CIPT
  • Technical experience in an engineering, software development, or technical support role
  • Bachelor’s degree in computer science, information security, or other related discipline

Perks & Benefits
  • Medical, dental, vision, and basic life insurance
  • Flexible PTO and company paid holidays
  • Retirement programs
  • 1% charitable giving program

Compensation
  • Base pay: $70,000 - $120,000
  • The salary range listed here has been provided to comply with local regulations and represents a potential base salary range for this role. Please note that actual salaries may vary within the range above or below, depending on experience and location. We look at compensation for each individual and base our offer on your unique qualifications, experience, and expected contributions. This position may also be eligible for other types of compensation in addition to base salary, such as variable bonus and/or stock bonus.

Required profile

    Experience

    Level of experience: Entry-level / graduate
    Industry: Computer Software / SaaS
    Spoken language(s): English
    Check out the description to know which languages are mandatory.

    Other Skills

    • Detail Oriented
    • Teamwork
    • Communication
    • Problem Solving
