Senior Compliance Specialist

In the last year at Loka, we’ve helped clients advance the world’s #1 AI reading tutor, eliminate $1B in food waste and develop novel drugs for fighting cancer. To cap it off, at the end of 2024 Loka was recognized by AWS as Innovation Partner of the Year, outshining 150,000 partners for the title. And we did it all while working remotely and enjoying every other Friday off 😎

We’re seeking a Senior Compliance Specialist to join our growing team. With a majority of our clients in Healthcare, Life Sciences, FinTech and other highly regulated industries, our compliance expertise is a company asset that separates us from our competitors. You’ll apply your talent and experience alongside our Head of Compliance, helping us expand our capacity as we take on more and bigger clients.

• Assist the Head of Compliance/Compliance Project Manager with developing company policies and procedures compliant with FDA, SOC 2, HIPAA, ISO 27001, NIST, ISO 42001, GDPR, PCI and other applicable regulatory requirements in cooperation with other team members and clients.
• Participate in risk assessments and gap analysis against frameworks (SOC, ISO, HIPAA, PCI, etc.).
• Support ongoing management of security awareness training platforms and Mobile Device Management (MDM) solutions, including user enrollment, policy enforcement and compliance reporting.
• Attend client meetings to assist in documenting compliance and regulatory requirements.
• Assist the Head of Compliance/Compliance Project Manager in documenting controls (ex.Control matrix, lead sheets) and actively participate in preparing tasks/assignments for applicable teams (DevOps, System Administration, Operations, Engineering) to ensure compliance with company policies.
• Assist in performing periodic audit testing of the established controls/requirements in the Control Matrix and other company policies and procedures.
• Assist in gathering evidence and reviewing results of the audit testing by actively communicating with relevant technical and operations teams.
• Assist in documenting exceptions, if any, from the audit testing and participate in assigning, monitoring and documenting remediation steps.
• Provide detailed compliance project status reports to the Head of Compliance/Compliance Project Manager.
• Communicate proactively to Head of Compliance/Compliance Project Manager regarding any potential issues.
• Support the Head of Compliance/Compliance Project Manager during the communication with auditors regularly before and during an audit period, if applicable.
• Attend relevant trainings and courses to gain new skills and assist the Head of Compliance/Compliance Project Manager in understanding and implementing new compliance and regulatory requirements.

• 2+ years of Compliance Operations experience with FDA, SOC 2, HIPAA, NIST, ISO 27001, ISO 42001, PCI and other applicable audits or other applicable standards
• Experience with project management tools such as Asana, Jira or Trello is a plus
• Strong understanding of the Software Development Life Cycle (SDLC) and development best practices is a plus
• Experience with implementing controls in AWS, Google Cloud, Azure, GitHub and other platforms is a plus
• GRC platforms experience is a plus
• English language fluency. We work entirely in English for meetings, customer calls and business communications.

• Curious: You desire to learn about different industries.
• Autonomous: You excel as part of a fully remote, globally distributed team.
• Collaborative: You enjoy communicating and working with others.
• Adaptable: You operate with a startup mindset and move at a startup pace.