Senior Analyst, Risk and Compliance

Job Description

Overview:Cvent is a leading meetings, events, and hospitality technology provider with more than 4,800 employees and ~22,000 customers worldwide, including 53 PERCENT of the Fortune 500. Founded in 1999, Cvent delivers a comprehensive event marketing and management platform for marketers and event professionals and offers software solutions to hotels, special event venues, and destinations to help them grow their group/MICE and corporate travel business. Our technology brings millions of people together at events around the world. In short, were transforming the meetings and events industry through innovative technology that powers human connection.The DNA of Cvent is our people, and our culture has an emphasis on fostering intrapreneurship a system that encourages Cventers to think and act like individual entrepreneurs and empowers them to take action, embrace risk, and make decisions as if they had founded the company themselves. At Cvent, we value the diverse perspectives that each individual brings. Whether working with a team of colleagues or with clients, we ensure that we foster a culture that celebrates differences and builds on shared connections.In This Role, You Will:

• Perform and manage IT internal audit, security risk assessment, and IT governance, risk, and compliance projects across Cvents global business and IT operations. The candidates responsibilities will include performing IT general controls / IT application controls testing (60-70 PERCENT ) and supporting security compliance audits (30-40 PERCENT ). Past experience in IT audit with a working knowledge of Sarbanes-Oxley, COSO framework, and relevant security compliance frameworks is preferred. Duties will include, but may not be limited to:
  • Lead IT testing efforts for the companys global internal controls compliance programs, including planning, testing, and evaluating IT general controls and IT application controls.
  • Coordinate and perform walkthrough discussions with business owners to document an understanding of control/process designs.
  • Ensure the preparation of detailed and well-organized audit workpapers, documenting testing procedures, findings, and recommendations.
  • Investigate and address complex issues and control deficiencies, collaborating with leaders from across the organization to develop effective solutions.
  • Support security risk assessments, security compliance audits (e.g., PCI DSS, SSAE 18/SOC 1/SOC 2, ISO 27001:2013), and external audits.
  • Assist with maintenance of compliance documentation consisting of policies, standard operating procedures, guidelines, flowcharts, and process narratives.

Heres What You Need:

• 3-6 years of demonstrated experience in IT auditing, security risk management, or governance risk, and compliance.
• Working knowledge of Sarbanes-Oxley, COSO, and relevant industry security standards (e.g., ISO 27001:2013, PCI DSS, and SOC 1 / SOC 2).
• Ability to learn quickly with a willingness to take ownership for new projects in a dynamic, fast-changing, entrepreneurial environment.
• Ability to collaborate across teams, regions, and cultures. This role will work collaboratively and cross-functionally with the Internal Controls, Information Security, and Internal Audit teams (based in India and the United States) to manage the companys global and rapidly evolving internal controls and compliance programs.
• Good interpersonal communication skills with the confidence to engage and collaborate with internal stakeholders, senior management, and external auditors to achieve positive compliance outcomes.
• Excellent presentation and written communications skills and a team-focused attitude.
• Proficiency with productivity and collaboration tools, such as AuditBoard, Microsoft Office, Slack, Box, and Zoom.
• Knowledge of Oracle EBS, AWS, and common enterprise SaaS solutions (e.g., Salesforce, Coupa, Workday) is a plus.
• Possess or actively seeking relevant certifications, such as CA, CIA, CISSP, CISA, CISM, or CRISC.

LocationsGurugram, India

Keyskills :
it auditing experiencesecurity risk assessment compliance framework knowledgeinterpersonal communication skillscontrol testing proficiency security compliance cissp it governance cisa oracle information security cism iso 27001 pci dss