Compliance Analyst

Ampstek

European Union

Full-time

Remote

Intermediate

posted 8 days ago

About Ampstek

Ampstek supplies thousands of tech and digital professionals annually to a range of clients through its offices which spread across in 42 countries. From simple beginnings in 2014, Ampstek has always been on a journey to reinvent the world of recruitment through creating amazing customer and candidate experiences driven by a genuine desire to build long term relationships and outcomes. This motivation to break from the pack is stronger than ever as we roll out Ampstek Power globally, an innovative life hub platform for freelancers based around rewarding loyalty and providing a range of professional and personal wellbeing programs.

AmpsTek is an global information technology consulting company with its headquarters in Princeton,NJ,USA and has a global presence spanning 40 countries across USA,Australia,NZ,Singapore,Malaysia,Canada,CostaRica,Mexico,UK,Germany,France,Sweden,Denmark,Austria,Belgium,Netherlands,Romania,Poland,Hungary,Spain,Czech,Bulagaria,Ireland,Norway,Croatia,Slovakia,Portuagl,Switzerland,Greece,Phillipines,Vietnam,Thailand,Indonesia,Srilanka,India,Southkorea,Taiwan,Hongkong, Southafrica, UAE, Turkey

At Ampstek we see community impact and legacy as vital to our business, which is why we tackle social bias and attitudes. We provide employment opportunities for young people experiencing barriers to employment, and programs like 100% Human at Work promoting the importance of diversity, equality and respect in the workplace. We look to lead the way so we’re delighted to have our efforts acknowledged with awards globally in the last few years from the likes of LinkedIn, EY, Deloitte, who recognised Ampstek as one of the Top 30 companies in the world to work based on employee engagement.

Our specialist areas include: Microsoft Dynamics Azure Mobile (IOS & Android) Development SAP,ERP Big Data and Business Intelligence Business Analysis, QA & Testing Solution Design & Architecture Network and Application Security Cloud Hosting & DevOp’s Engineers

The Role

In this role, you will be an essential member of the ATE Compliance Program, directly reporting to the Compliance Program Lead. Your primary responsibility will be to thoroughly understand compliance standards and assist teams in applying them correctly. This position focuses on validating the effectiveness of controls across ITGC, ISP, and QMS domains. You will conduct control testing, review evidence, facilitate audits, respond to inquiries, support escalations, and engage in discussions about control design to ensure compliance standards are understood and met. Additionally, you will assist with Quality Management System (QMS) testing for both global and territory-specific controls, including the collection and validation of audit evidence throughout the year. Collaboration is key, as you will work closely with IT product teams, security, risk management, QMS resource owners, and both internal and external auditors to ensure teams remain compliant and audit-ready.

Responsibilities

  • Develop a comprehensive understanding of Information Security Policy (ISP) and Controls Standard, assisting product and technology teams in applying requirements to their environments.
  • Test and validate ITGC controls across key domains including Access Controls, System Development and Change Management, Cyber Security and Data Protection, Service Management, and Resilience.
  • Validate controls within:
    • Identity and access management: Ensure provisioning and de-provisioning, privileged access reviews, segregation of duties, and authentication mechanisms are functioning as required.
    • Change management: Verify that SDLC controls, change management procedures, emergency change processes, and application development security controls are designed and operating effectively.
    • Cyber security operations: Confirm that incident management, malware protection, vulnerability and patch management, encryption, certificate administration, and logging and monitoring controls meet ISP requirements.
    • Database and network controls: Ensure compliance of database configuration and administration, firewall configuration, and system performance monitoring.
    • Resilience: Validate that business continuity and disaster recovery plans are tested annually and that evidence supports compliance.
  • Review and validate evidence of application penetration testing performed by independent third parties in accordance with ISP requirements, ensuring completeness for audit requests.
  • Conduct compliance checks to assess adherence to ISP, controls, and relevant standards by reviewing vulnerability scans, security control validations, and other evidence.
  • Document test results clearly and escalate deficiencies or areas of concern to the Compliance Program Lead with practical recommendations.
  • Support control design discussions with product and technology teams to help them understand and meet ISP and ITGC requirements proactively.

Requirements

  • Bachelor's degree in business, information technology, information security, risk management, or a related field.
  • 2–4 years of experience in compliance, IT audit, ITGC testing, QMS testing, or risk management, preferably in a regulated IT or product environment.
  • Strong understanding of SOC 2, ISO 27001, and 7216, with experience facilitating audits and validating evidence from preparation through remediation.
  • Demonstrated experience validating ITGC controls, including access controls, change management, operations, SDLC, and resilience.
  • Experience supporting or executing QMS control testing across global and territory-specific control frameworks.
  • Working knowledge of information security policies and control frameworks, with the ability to interpret standards and validate compliance.
  • Ability to identify and escalate compliance and operational risks within a portfolio context.

What We Offer

  • Competitive salary and benefits package.
  • Opportunities for professional growth and development.
  • A collaborative work environment that values teamwork and innovation.

If you are passionate about compliance and want to make a significant impact on our organization, we encourage you to apply and join our team.

Required skills

data protection

Information Security

Disaster Recovery

logging

database

SDLC

Information Technology

cyber security

English level

Professional

Still searching manually?

Let us do the work for you.

Tota works for you

We scan thousands of jobs daily and notify you when there is a match. No searching needed.

Anonymous, safe and free

Your profile stays anonymous. Your employer will not see it. You choose when to become visible.

Ready in 3 minutes

Answer a few questions and create your profile in minutes. No commitment.

About TotaMatch

TotaMatch helps professionals find work that truly fits their work happiness. We believe work is more than just an income. It is a source of fulfillment, growth, and pride. Instead of endlessly scrolling through job boards, TotaMatch works for you. Our platform continuously analyzes thousands of opportunities and identifies roles that align with what truly matters to you. You focus on your work and the people around you. We make sure you never miss a better opportunity.