[Hiring] IT Compliance Principal Analyst @TTEC

Role Description

The Principal Compliance Analyst will ensure that adequate and effective security processes and controls are followed and aligned to deliver compliance with security policy and regulatory requirements. The Principal Compliance Analyst reports to TTEC’s Information Security Commercial Compliance Manager and is responsible for evaluating, testing, and supporting external audits for TTEC’s Commercial Compliance programs on applicable systems to provide internal governance to enhance and strengthen our security position and achieve attestation. The Principal Compliance Analyst will focus on both enterprise and client-specific assessments.

You’ll report to the Compliance Advisor Lead.

During a Typical Day, You’ll:

• Lead the completion of compliance programs such as PCI Data Security Standard (PCI-DSS), SOC 1 Type II and SOC 2 Type II compliance efforts, ISO 27001, HIPAA, and HITRUST.
• Obtain and review evidence of compliance for adherence to standards to ensure commercial compliance controls are implemented across the organization.
• Monitor changes to Commercial Compliance program standards, such as ISO27001, PCI, etc. to ensure continued compliance.
• Support internal and external audits related to Information Security compliance and applicable security controls according to compliance standards every year.
• Assist in maintaining issue tracking and status updates.
• Lead in the development and execution of corrective action plans to address non-compliance and audit findings.
• Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise.
• Collaborate with other Compliance Analysts to identify overlaps with complementary compliance frameworks.
• Work closely with cross-functional teams and develop strong relationships as an integral member of Information Security Compliance.
• Recommend and drive efficiencies and improvements to support the successful completion of compliance initiatives.

Qualifications

• Bachelor’s degree and 6-8 years of related work experience or equivalent combination of education and experience.
• Strong technical knowledge of applicable regulatory requirements in one or more compliance programs such as Payment Card Industry Data Security Standard (PCI-DSS), SOC 1, SOC 2, ISO 27001:2022, HIPAA, and HITRUST.
• Ability to organize and track large amounts of information; project management skills a plus.
• Ability to manage challenging client interactions with professionalism, ensuring effective communication and support throughout compliance engagements.
• Understanding of Information Security principles and processes and general knowledge of IT policy development and management.
• Background in applying and assessing security controls.
• Experience in Governance, Risk & Compliance (GRC).
• Highly self-motivated, directed, and detail-oriented; willing to take the initiative.
• Shown analytical, evaluative, and problem-solving abilities.
• Ability to optimally prioritize and complete tasks in a fast-paced environment.
• Extensive experience working in a team-oriented, collaborative environment.
• Strong written and oral communication skills.
• Good interpersonal skills and customer service skills to work with internal and external personnel.
• Current PMP, CISSP, CISA, CISM certification or other certification(s) relevant to information security a plus.

Benefits

• Supportive of your career and professional development.
• An inclusive culture and community-minded organization where giving back is encouraged.
• A global team of curious lifelong learners guided by our company values.
• Ask us about our paid time off (PTO) and wellness and healthcare benefits.
• A great compensation package and performance bonus opportunities.
• Benefits you'd expect, and maybe a few that would pleasantly surprise you (like tuition reimbursement).