Compliance Analyst

Job Description  

Hybrid; ability to come to Danvers, MA location 2-3 times a month. Will consider Remote, prefer East Coast Time Zone  

CCC is currently looking for a Compliance Analyst. You are a highly skilled and motivated person with expertise in ISO 27001, SOC 2 Type 2, and PCI compliance standards. In this role, you will be responsible for ensuring that our organization maintains compliance with these critical frameworks, which are fundamental to our information security and data privacy practices.  

You will play a key role in conducting assessments, implementing controls, and driving continuous improvement initiatives to enhance our compliance posture. Ideally, you will possess in-depth knowledge of these standards, strong analytical abilities, and excellent communication skills to effectively collaborate with cross-functional teams.  

What you will be doing:  

• Lead Compliance Programs: Oversee the implementation, maintenance, and enhancement of compliance programs for ISO 27001, SOC 2 Type 2, and PCI DSS.  
• Conduct Assessments & Audits: Perform regular assessments, audits, and gap analyses to ensure adherence to compliance standards.  
• Manage Compliance Processes: Monitor, track, and manage compliance-related activities, including Quarterly Access Reviews, control testing, and documentation updates.  
• Stakeholder Collaboration: Work with internal teams to develop and implement control measures and processes that meet compliance requirements.  
• Support External Audits: Assist in external audits by providing necessary documentation and support, ensuring smooth communication with auditors.  
• Stay Informed & Train Staff: Keep up with regulatory changes, provide guidance, and train employees on compliance-related matters.  

Requirements  

• Educational Background: Bachelor's degree in IT, computer science, or related field. Advanced degrees or certifications (e.g., CISSP, CISA, ISO 27001 Lead Auditor) are preferred.  
• Experience & Expertise: Minimum of 2 years in information security, compliance, or risk management, with a focus on ISO 27001, SOC 2 Type 2, and PCI DSS.  
• Compliance & Risk Management: Proficient in implementing and maintaining compliance programs, conducting risk assessments, control evaluations, and gap analyses.  
• Analytical & Technical Skills: Strong analytical abilities to assess complex systems, identify risks, and develop control measures. Familiarity with tools, methodologies, and frameworks like NIST and GDPR is a plus.  
• Communication & Collaboration: Excellent communication skills for conveying technical concepts to non-technical stakeholders and working effectively across teams.  
• Professionalism & Integrity: High ethical standards, with the ability to manage multiple projects, work independently, and maintain confidentiality in a fast-paced environment.  

CCC is more than a company, it’s a community. Our smart, talented, and compassionate team members make CCC a special place to work. We invest significantly in their development and well-being to give them the resources they need to grow.  

CCC actively advocates for copyright around the world, engaging governments, stakeholders, and individuals with educational programming and thought leadership.  

We are an agile and dynamic organization made stronger by our increasingly diverse community. Our team is encouraged and supported to contribute thoughts and ideas and is committed to a diverse, inclusive, equitable, vibrant ecosystem that cultivates opportunity and attracts talented people. We recognize high performance and innovative thinking in how we can continue to be more inclusive, foster change in our industry, access and serve underserved markets, and contribute to the common good in a way that makes a difference in the world.  

CCC is committed to a diverse, inclusive, equitable, and vibrant ecosystem that cultivates opportunity for our team and attracts talented people. We are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy, national origin, age, physical and/or mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and/or veteran status, and any other characteristic protected by applicable law. CCC understands that diversity and inclusion among our teammates is critical to our success as a global company.  

If you need accommodation for any part of the employment process because of disability, please phone Human Resources to let us know the nature of your request.