Senior IT Compliance Analyst

As a Senior IT Compliance Analyst at Yext, your role will involve supporting the security assurance activities with customers, vendors, and internal teams. You will be responsible for responding to product security-related questions, completing security assessments and audit inquiries, and reviewing security and contract language to ensure compliance with Yext's standards.

• *Role Overview:**

The ideal candidate will collaborate closely with Legal, Sales, and Security teams to ensure accurate, timely, and customer-focused responses while maintaining a strong compliance posture. You will bring deep knowledge of security frameworks, exceptional communication skills, and the ability to partner across business and technical teams to strengthen the organization's overall security posture.

• *Key Responsibilities:**
• Contribute to the development and maintenance of IT & Security policies, standards, and controls.
• Support the annual control attestation process and provide the required evidence.
• Measure, track, and report on security metrics and key performance indicators (KPIs).
• Ensure ongoing alignment with regulatory and industry compliance requirements (e.g., SOC 2, HIPAA, GDPR, NIS2).
• Conduct risk assessments across systems, applications, and vendors, documenting and tracking outcomes.
• Collaborate with IT, Legal, and Security teams to design and implement mitigation strategies.
• Maintain a centralized repository of standardized security questionnaire responses and keep them current with implemented controls.
• Prepare and provide audit-ready evidence for internal and external audits (SOC 2, SOX, ISO 27001, etc.).
• Identify and implement process improvements to increase efficiency in audit preparation, risk assessments, and responses.
• Provide actionable recommendations to management on enhancing security and compliance practices.
• *Qualifications Required:**
• Bachelor's degree in Information Security, Cybersecurity, Computer Science, Engineering, or related field; or equivalent experience.
• 5+ years of experience in information security, with a strong focus on audit and compliance management.
• Demonstrated experience conducting risk and compliance assessments.
• Familiarity with industry and regulatory compliance frameworks (SOC 2, SOX, ISO 27001, NIST CSF, HIPAA, GDPR).
• Advanced written and verbal communication skills, with the ability to engage confidently with executives, clients, and auditors.
• Professional certifications such as CISA, CRISC, CISM, CISSP, or CDPSE preferred.

Yext offers a wide range of benefits and perks to ensure its employees are well-informed, fueled, and rested, including performance-based compensation, comprehensive leave package, health & wellness offerings, relocation benefits, and world-class office & building amenities.

Yext is an equal opportunity employer committed to building a results-driven, engaging culture where every employee has the opportunity to contribute to the success of the company. They welcome employees and applicants of all backgrounds and demographics and do not engage in discrimination on the basis of any protected characteristic recognized under applicable law. Yext also provides reasonable accommodations to people with disabilities as required by law. As a Senior IT Compliance Analyst at Yext, your role will involve supporting the security assurance activities with customers, vendors, and internal teams. You will be responsible for responding to product security-related questions, completing security assessments and audit inquiries, and reviewing security and contract language to ensure compliance with Yext's standards.

• *Role Overview:**

The ideal candidate will collaborate closely with Legal, Sales, and Security teams to ensure accurate, timely, and customer-focused responses while maintaining a strong compliance posture. You will bring deep knowledge of security frameworks, exceptional communication skills, and the ability to partner across business and technical teams to strengthen the organization's overall security posture.

• *Key Responsibilities:**
• Contribute to the development and maintenance of IT & Security policies, standards, and controls.
• Support the annual control attestation process and provide the required evidence.
• Measure, track, and report on security metrics and key performance indicators (KPIs).
• Ensure ongoing alignment with regulatory and industry compliance requirements (e.g., SOC 2, HIPAA, GDPR, NIS2).
• Conduct risk assessments across systems, applications, and vendors, documenting and tracking outcomes.
• Collaborate with IT, Legal, and Security teams to design and implement mitigation strategies.
• Maintain a centralized repository of standardized security questionnaire responses and keep them current with implemented controls.
• Prepare and provide audit-ready evidence for internal and external audits (SOC 2, SOX, ISO 27001, etc.).
• Identify and implement process improvements to increase efficiency