Compliance Analyst

Job Description

The Compliance Analyst role within Vista Outdoor/Revelyst will collaborate with business stakeholders and IT Operations & IT Security teams to enhance compliance programs. The Compliance Analyst will support vendor vetting, stay current on regulation changes, assess requirements, oversee projects, and conduct internal compliance assessments.

This position reports to the Director of Enterprise Applications & Integrations and allows you the flexibility to work from your home office or out of our Anoka, MN office.

As the Compliance Analyst, you will have an opportunity to:

• Validate the coverage and configuration of the solutions required by PCI DSS.
• Support enhancement of privacy posture (PII, DPA, GDPR, CCPA/CPRA, CDPA, Cookie Compliance, DSAR).
• Conduct third-party risk analysis (includes reviewing DPA and SOC 2 documents).
• Interface with Internal Audit team for SOX compliance following the COSO framework.
• Contribute to compliance initiatives for DoD contracts (NIST 800-171, DFARS, CUI, Form 889, CMMC).
• Analyze e-commerce fraud.
• Perform technical project management and author documentation.
• Partner with SMEs to design and implement solutions required for remediation.
• Gather, collate, classify, monitor, and report information in relation to an evaluation.
• Understand company policies and procedures and the functional business disciplines being reviewed to ensure appropriate, timely, and effective.
• Review and recommend procedure and information security policy changes to support industry best practices and mitigate risk.

You have:

• 3-5 years IT compliance experience.
• Ability to successfully partner and collaborate cross-functionally with IT, Internal Audit, Legal, and Engineering.
• Knowledge of industry standards and compliance best practices.
• Experience in IT operational processes, security practices, and remediation.
• General IT knowledge in: Change Management, Application Security, Access Security, Computer Operations, Segregation of Duties, Cloud Environments.
• Experience with Microsoft Office applications.
• Strong organizational, interpersonal and communication (verbal and written) skills.
• Ability to manage your individual workload to balance multiple priorities to achieve deadlines and project milestones.
• Ability to recognize and communicate business risks and understand business processes and functional linkages between processes, risks, and controls.

You might have:

• Bachelor's degree in Information Systems, Computer Science, or related-field.
• Industry Certifications (PCI QSA/ISA/PCIP, Security+, CISSP, OneTrust, etc.).
• Knowledge of the following: Penetration Testing, Vulnerability Scanning, Anti-virus and Malware, Application Code Scanning and Secure Coding Practices, Configuration Management, File Integrity Monitoring, Multi-Factor Authentication, Encryption and Key Management, Hardening of servers and network devices.

Pay Range:

The actual annual salary offered to a candidate will be based on variables including experience, geographic location, education, and skills/achievements, and will be mutually agreed upon at the time of offer.

We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, tuition reimbursement, gear discounts and the ability to add value to an exciting mission!

Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory.

Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled