Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love.
The Technical Governance, Risk and Compliance (Technical GRC) team enables the growth of Toast as we build secure products and enter new markets while meeting industry and regulatory requirements. Our team is a second-line function, providing oversight and leadership to a first-line team designed for high-velocity product innovation and development.
We are currently seeking a Lead Technical Compliance Analyst who will work alongside both our internal stakeholders and internal/external auditors to coordinate and execute on several compliance programs including: Sarbanes-Oxley (SOX) IT, SOC, PCI, and others that become applicable as Toast expands into more products offerings or geographies. In this role, you will collaborate with various teams throughout Toast, including Engineering, IT, HR, and Internal Audit, contributing to the overall success of our Technical GRC function.
The successful candidate will report directly to the Sr. Director of Technical Compliance, who is responsible for Toast's 2nd line function across all Technical Compliance programs (e.g. SOX, SOC, PCI, etc).
About this role (Responsibilities)
* Compliance and Validation Testing - Direct and support activities related to routine proactive assessments of IT controls, systems, and procedures to ensure compliance with expected requirements and controls.
* Evidence Collection and Validation - Act as an intermediary between the Toast teams and external auditors during audits. This includes assistance in managing and clarifying requests for evidence, and ensuring evidence requests are appropriately and timely fulfilled by Toast teams.
* Risk Identification Support for Compliance - Assist in proactively identifying potential compliance vulnerabilities, risks, or emerging areas of focus within IT processes in line with compliance standards. Participate in developing and assessing management action under the guidance of more senior team members.
* Process and Procedure Definition and Maturity - Support the team in developing, implementing, and maintaining IT Compliance processes and procedures that meet external and internal requirements. Help ensure these procedures are effectively communicated across all IT departments.
* Reporting and Documentation for Assessments - Help prepare detailed reports on status, findings, etc under the guidance of senior team members.
* Continued Growth of a Compliance First Culture - Support the creation and facilitation of compliance training programs, runbooks, and communications to further enable Toasters to continuously operate in a compliant manner.
Do you have the right ingredients? (Requirements)
* 5+ years of experience supporting IT compliance activities across programs such as SOX IT, SOC, PCI, etc.
* Knowledge of SOX 404, SOC, and IT General Control requirements, scoping, control design, control implementation.
* Understanding of cloud computing architectures and security patterns, including assessing and implementing compliance controls in such environments.
* Familiarity with GRC (Governance, Risk, and Compliance) solutions, tools, platforms, and Enterprise Risk Management (ERM) processes.
* Experience with compliance programs in fast changing and evolving environments
* High levels of curiosity, persistence, and a grounded approach to getting things done.
* Effective communication and writing skills, with the ability to clearly and concisely articulate complex ideas and concepts in both verbal and written form.
Bonus ingredients:
* Experience working with GRC tools such as AuditBoard.
* Working knowledge and familiarity with ISO 27001, GDPR, EBA's ICT, DORA, PCI.
* Experience working in fintech, payment facilitation / marketplace, merchant processing and/or fraud/risk.
This is a hybrid role, requiring two days per week in our Dublin office
Our Spread of Total Rewards: We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry.
Diversity, Equity, and Inclusion is Baked into our Recipe for Success
We Thrive Together
We embrace a hybrid work model that fosters in-person collaboration while valuing individual needs.
Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process.
#J-18808-Ljbffr