Job added in hotlist
Applied job
Contract job
Recruiter job
Employer job
Expanded search
Apply online not available
View more jobs in Frankfort, KY
View more jobs in Kentucky

Job Details

Novi Security Policy and Compliance Analyst

Company name

Frankfort, KY, United States

Employment Type

It, Compliance

Posted on
Apr 23, 2021

Valid Through
Aug 06, 2021

Apply for this job



Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together. Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities - we're just getting started.


Novi is building a hub of financial services, products and solutions that connect everyone, everywhere, creating greater opportunity for all. Its technical foundation is the open-sourced Diem blockchain network. Diem’s mission is to create a simple, borderless global currency and financial ecosystem that empowers billions of people. Novi Research is the research arm of Novi, and is of great importance due to the cutting-edge nature of the technical challenges and Novi’s openness to scrutiny.The Novi Security team is seeking a passionate and experienced Security Policy and Compliance Analyst to join our team. This role helps provide the foundation for the security of Novi products and the financial information of potentially billions of people. This role will be responsible for understanding and supporting the design Novi's organizational, procedural and technical security controls within the context of protecting our customers, data, and infrastructure along with incorporating the global regulatory frameworks applicable to our business. The position will also help codify these controls in supporting documentation and explain them to internal and external stakeholders. The Security Policy and Compliance Analyst will be someone that has a passion for implementing innovative security controls that mitigate risk to the company while also not impacting the culture of rapid innovation. This role requires a mix of broad, business and technical acumen, the ability to inspire and influence decisions pertaining to regulatory standards, and a polished ability to communicate with key internal stakeholders. The ideal candidate has a software and security engineering background who has demonstrated security compliance experience.

Required Skills:

Help demonstrate Novi’s commitment to security to external stakeholders

Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls that support the velocity in which Novi needs to operate

Participate in the development and oversight of required corrective action plans relating to security compliance issues

Support business relationships with the internal and external security auditors and regulators

Identify, research, and evaluate new compliance requirements and ensure they are incorporated into Novi’s security policy framework

Support the communication of policies, procedures, and plans to internal stakeholders regarding security and compliance best practices around applicable laws, regulations, and controls

Support the identification, validation and remediation of information technology controls required of financial institutions across diverse geographies

Partner with internal teams to ensure successful security programs align with compliance requirements and to make sure we’re doing what we say we are

Understand the security needs of internal and external stakeholders around external business partners and maintain a process that meets stakeholder needs

Coordinate and drive business partner security assessment activities for both inbound and outbound relationships

Lead assessments of business partner security risk, develop mitigation plans, and work with internal stakeholders to assign monitoring responsibility. Prepare and complete annual risk assessments and assist with regulatory and accreditation audit preparation as needed

Support business partner selection on significant sourcing decisions and reassess security risk for business partners prior to contract renewals

Minimum Qualifications:

3 years experience supporting security compliance programs within the technology space

7 years combined experience in a security, technology, and/or software engineering related role

Demonstrated experience of data security frameworks and regulatory standards including PCI, GAPP, SOC2, GDPR, ISO27001/2, and SOX

Effective communication skills

Proven project management skills

Experience developing security and compliance reporting for a variety of audiences, including executive management

Demonstrated leadership skills with the experience working effectively across various levels

Experience developing and submitting audit and compliance reports to governing bodies, legal entities, and/or external authorities

Experienced in processes for assessing and designing internal controls for large scale organizations

Demonstrated knowledge and experience of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.

Experience assessing security risk for large scale organizations

Preferred Qualifications:

Deep experience in information security compliance

Specific experience in cloud services organization

A mix of security consulting/professional services and industry experience strongly preferred

Industry: Internet

Equal Opportunity: Facebook is proud to be an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Facebook is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at

Company info

Website :

I was very pleased with the ComplianceCrossing. I found a great position within a short amount of time … I definitely recommend this to anyone looking for a better opportunity.
Jose M - Santa Cruz, CA
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
ComplianceCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
ComplianceCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2021 ComplianceCrossing - All rights reserved. 168 192