Logo for Toast
Technical Compliance Analyst
Toast
Posted 10 days ago
Description

Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love.

The Technical Governance, Risk and Compliance (Technical GRC) team enables the growth of Toast as we build secure products and enter new markets while meeting industry and regulatory requirements. Our team is a second-line function, providing oversight and leadership to a first-line team designed for high-velocity product innovation and development.

We are currently seeking a Technical Compliance Analyst who will work alongside both our internal stakeholders and internal/external auditors to coordinate and execute on several compliance programs including: Sarbanes-Oxley (SOX) IT, SOC, PCI, and others that become applicable as Toast growth into more products offerings or geographical expansion. In this role, you will collaborate with various teams throughout Toast, including Engineering, IT, HR, and Internal Audit, contributing to the overall success of our Technical GRC function.  The successful candidate will report directly to the Sr. Director of Technical Compliance, who is responsible for Toast's 2nd line function across all Technical Compliance programs (e.g. SOX, SOC, PCI, etc). 

 

About this roll* (Responsibilities) 

  • Assist in Compliance and Validation Testing - Support the team in conducting routine proactive assessments of IT controls, systems, and procedures to ensure compliance with expected requirements and controls.  
  • Support Evidence Collection and Validation - Act as an intermediary between the Toast teams and external auditors during audits. This includes assistance in managing and clarifying requests for evidence, and ensuring evidence requests are appropriately and timely fulfilled by Toast teams. 
  • Risk Identification Support for Compliance - Assist in proactively identifying potential compliance vulnerabilities, risks, or emerging areas of focus within IT processes in line with compliance standards. Participate in developing and assessing management action under the guidance of more senior team members.
  • Policy and Procedure Definition and Maturity - Support the team in developing, implementing, and maintaining IT policies and procedures that meet external and internal requirements. Help ensure these procedures are effectively communicated across all IT departments.
  • Assist In Reporting and Documentation for Assessments - Help prepare detailed reports on status, findings, etc under the guidance of senior team members.
  • Contribute Toward the Continued Growth of a Compliance First Culture - Support the creation and facilitation of compliance training programs, runbooks, and communications to further enable Toasters to continuously operate in a compliant manner.

 

Do you have the right ingredients*? (Requirements)

  • 5+ years of experience supporting IT compliance activities across programs such as SOX IT, SOC, PCI, etc. 
  • Experience with compliance programs in fast changing and evolving environments 
  • Knowledge of SOX 404, SOC, and IT General Control requirements, scoping, control design, control implementation.
  • Experience with other IT-related audits (PCI, ISO27001,etc) is a plus.
  • Familiarity with SEC rules and regulations.
  • Effective communication and writing skills, with the ability to clearly and concisely articulate complex ideas and concepts in both verbal and written form.

 

Our Spread* of Total Rewards
We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry. Our total rewards package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet Toasters’ changing needs. Learn more about our benefits at https://careers.toasttab.com/toast-benefits.

*Bread puns encouraged but not required

#LI-Remote

More Similar Roles...

Want more remote roles like this one sent to you?