Technology Audit and Compliance Analyst

Exciting career opportunities in the language access industry are waiting for you at LanguageLine Solutions. Whether you work in the corporate office, in one of our satellite offices, at our Interpreting Call Centers, or work from home, you can help make a difference in someone’s life every second of every day.

Job Description

JOB DESCRIPTION

Position Title: Technology Audit and Compliance Analyst

Reports To: Manager, Tech Audit & Comp

Department: Technology

Work Location: US (Remote)

Classification: Salary, Exempt

Responsibilities

• Oversee programs, policies, and practices to ensure Language Line Solutions (LanguageLine Interpretation Services) complies with the Sarbanes-Oxley Act (SOX), SSAE16 SOC2, ISO27001, HITRUST, and customer audits related to the Information Services function.

• Manage the development and testing of internal controls, reporting, and the identification of process deficiencies and improvements.

• Responsible for security policy development, managing exceptions, promoting security awareness, conducting vendor risk assessments, monitoring cyber security, and addressing vulnerabilities related to CrowdStrike (EDR), Fortra, Qualys, and Kroll vulnerability and penetration testing results

• Support LLS’ Quality Management System (QMS) to continually improve the Division’s processes, procedures, and services and thereby increase efficiency, productivity, effectiveness, and customer satisfaction.

Additional Functions

• Identify areas for improvement in Technology control environments across LanguageLine Interpretation Services, LanguageLine Translation Services, Fluent, and LanguageLine UK Services.

• Lead testing of Technology controls for SOX, SSAE16 SOC2, PCI, ISO27001, and HITRUST on a monthly, quarterly, and annual basis.

• Develop, maintain, and publish up-to-date Information Security Policies.

• Seek automation opportunities and efficiencies in current controls for internal operations at LanguageLine Interpretation Services, LanguageLine Translation Services, Fluent, LanguageLine UK Services, and key vendors.

• Serve as a key liaison between Technology & Risk Management and business units.

• Align technology and business goals, securing support for technology control and security initiatives.

• Actively contribute to and manage a variety of security projects for both internal and external customers.

• Act as a Technology Subject Matter Expert (SME) for external technology audits and assessments.

• Serve as an SME for Technology Security and Awareness programs for internal and external customers.

• Evaluate information technology general controls (ITGC) related to information security, systems development life cycle (SDLC), change management, data center/physical security, data backup and recovery, computer operations, and associated risk exposures.

• Lead vulnerability and penetration testing, including for internal/external networks and Over-The-Phone, Video, and Document Translation applications.

• Actively monitor emerging threats using available alerting services and follow the incident response process as needed.

• Support tier 1, tier 2, and tier …