Relativity is hiring a
Senior Risk and Compliance Analyst

Summary

The job is for a Senior Risk and Compliance Analyst – Risk Manager at Relativity. The role involves managing risks, implementing risk policies, conducting risk analysis, and coordinating risk assessments.

Requirements

• 3+ years of experience in enterprise risk management, third party risk management, auditing, or compliance analyst
• Strong utilization of an enterprise risk management framework or supplier assessments
• Familiarity with security and privacy standards such as ISO/IEC 27001, ISO/IEC 27018, HITRUST CSF, FedRAMP, NIST SP 800-53, HIPAA Privacy and Security Rules, SOC 2 Privacy Principles, etc
• Excellent communication, written and analytical skills
• Demonstrated ability to identify relevant facts and apply a governing compliance and/or legal framework or policy
• Demonstrated ability to present key risk concepts to management and leadership
• Experience in working with Governance, Risk, and Compliance tools, such as Archer or LogicGate

Responsibilities

• Implement and enable a forward-thinking and future-facing risk program
• Develop and implement risk management policies, procedures, and frameworks
• Coordinate and facilitate risk assessments, risk reporting, risk mitigation, and risk awareness activities
• Provide advice and guidance to senior management and business units on risk-related issues
• Conduct risk analysis and evaluation for new projects, suppliers, products, services, or initiatives
• Manage and oversee the risk register, risk dashboard, risk indicators, and risk incidents
• Maintain and evolve all third-party and internal risk ratings and scorecards
• Lead or participate in internal and external audits, inspections, and reviews related to risk management
• Provide counsel, training and education to staff and management on risk management concepts
• Keep abreast of emerging risks, industry trends, and regulatory changes

Preferred Qualifications

• Acted in a continuous monitoring role for either suppliers or customers
• Acted in internal or external consulting capacity on technology, privacy, and control risk for new/current initiatives
• Direct work experience with security and privacy standards such as ISO/IEC 27001, ISO/IEC 27018, HITRUST CSF, FedRAMP, NIST SP 800-53, HIPAA Privacy and Security Rules, SOC 2 Privacy Principles, etc
• Strong experience in building programs within a GRC Tool, such as Archer or LogicGate
• Security or Risk Management Certification, such as CISM, CRISC, CISA, CRCMP, COSO ERM Certificate, etc

Benefits

• Competitive base salary
• Annual performance bonus target of 10%
• Long-term incentives
• Expected salary range between 176,000 and 264,000 PLN gross/year